eugenepjk's starred repositories
PersistenceSniper
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte
ThreatHunter-Playbook
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
stratus-red-team
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
ThreatHunting
An informational repo about hunting for adversaries in your IT environment.
AdversaryEmulation
MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository
RedHunt-OS
Virtual Machine for Adversary Emulation and Threat Hunting
artificial-adversary
🗣️ Tool to generate adversarial text examples and test machine learning models against them
adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Antivirus-Artifacts
Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.
JPGtoMalware
It embeds the executable file or payload inside the JPG file. The method the program uses isn't exactly one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional. The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewalls and antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.
SysmonSimulator
Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.
Awesome-RCE-techniques
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
RedTeam_toolkit
Red Team Toolkit is an open-source Django offensive web app that keeps the useful offensive tools used in red teaming together.
KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default setting).
MobileHackingCheatSheet
Basics on commands/tools/info on how to assess the security of mobile applications
firmware-analysis-toolkit
Toolkit to emulate firmware and analyse it for security vulnerabilities
fileless-elf-exec
Execute ELF files without dropping them on disk
CVE-2021-3929-3947
Recursive MMIO VM Escape PoC
VisualDoor
SonicWall SSL-VPN Exploit