boh's starred repositories
CSharpRepl
A command line C# REPL with syntax highlighting – explore the language, libraries and nuget packages interactively.
EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
OffensiveCpp
This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
SysWhispers3WinHttp
Syscall-based AV evasion
awesome-gpt-security
A curated list of awesome security tools, experimental case or other interesting things with LLM or GPT.
Security-operation-book
A collection of common security detection rules and events
AV-EPP-EDR-Windows-API-Hooking-List
Depending on the AV/EDR, we will check which Windows APIs are hooked by the AV/EDR
AutoGPT-Social
Autonomous Instagram bot which creates and optimizes posts to maximize engagement
process-cloning
The Definitive Guide To Process Cloning on Windows
PatchlessCLRLoader
.NET assembly loader with patchless AMSI and ETW bypass
Hunt-Weird-Syscalls
ETW based POC to identify direct and indirect syscalls
PatchlessInlineExecute-Assembly
Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
Direct-Syscalls-A-journey-from-high-to-low
Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).
SliverC2-Forensics
A collection of tools and detections for the Sliver C2 Framework
DynamicFinder
A DLL sideloading utility.
Responder-Parser
Most of Responder's configuration power in your hands