dfirence's repositories
ma-insights-xe
User Feedback Space of #MitreAssistant
pe-compass-samples
PE Samples To Test
safiro-demo
A Web Based Demo of Safiro Telemetry
aod-public
Community Outreach Resource For AOD
Content-Library-CIM2
Clone from EXABEAM
EVTX-ETW-Resources
Event Tracing For Windows (ETW) Resources
FlavorTown
Various ways to execute shellcode
Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Hypervisor-101-in-Rust
The materials of "Hypervisor 101 in Rust", a one-day long course, to quickly learn hardware-assisted virtualization technology and its application for high-performance fuzzing on Intel/AMD processors.
json-rule-editor-cloned
Json rule editor
learnmode_csharp
Learning/Experimenting With C#
ntdiff-headers
Fork from wonderful NTDIFF
ntdlll-unhooking-collection
Different ntdll unhooking techniques: unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)
public-strike-paths
Outreach Location About Strike-Paths Utility
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
sandbox-attacksurface-analysis-tools
Set of tools to analyze Windows sandboxes for exposed attack surface.
Shellcode-Hide
This repo contains: simple shellcode Loader, Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp, socket)
SoftEtherVPN
Cross-platform multi-protocol VPN software. Pull requests are welcome. The stable version is available at https://github.com/SoftEtherVPN/SoftEtherVPN_Stable.
SysmonCommunityGuide
TrustedSec Sysinternals Sysmon Community Guide
TangledWinExec
PoCs and tools for investigation of Windows process execution techniques