g0mx's repositories
Malware_Analysis
The scripts were created and used by me in malware analysis.
APTnotes
Various public documents, whitepapers and articles about APT campaigns
bcc
BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more
DEFCON-31-Syscalls-Workshop
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
deflat
Uses angr for deobfuscation
dirsearch
Web path scanner
dnstwist
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
fscan
An all-in-one internal network scanner for convenient one-click, automated and comprehensive vulnerability scanning.
ghidra-pyi-generator
Generates `.pyi` type stubs for the entire Ghidra API
Havoc
The Havoc Framework.
IoCs
Sophos-originated indicators-of-compromise from published reports
KQL
Threat hunting queries for Microsoft 365 Defender / XDR. Provides out-of-the-box KQL hunting queries for App, Email, Identity and Endpoint.
llvm-pass-plugin-skeleton
A detailed step-by-step description of how to compile, out of tree, a dynamically linked LLVM pass plugin for the new pass manager on Windows x86_64, tested with LLVM 16.x
llvm-tutor
A collection of out-of-tree LLVM passes for teaching and learning
maltrail
Malicious traffic detection system
ollvm-rust
Rust toolchain with an obfuscating LLVM pass.
proc-macro-workshop
Learn to write Rust procedural macros [Rust Latam conference, Montevideo Uruguay, March 2019]
qiling
A True Instrumentable Binary Emulation Framework
Rat-winos4.0-gh0st
Open-source collection of AV-evading remote access trojan (RAT) source code (银狐 / Silver Fox, winos, 大灰狼 / Big Grey Wolf, gh0st)
Rust-for-Malware-Development
This repository contains my complete resources and coding practices for malware development using Rust 🦀.
RustRedOps
🦀 | RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.
SecurityResearcher-Note
Cover various security approaches to attack techniques and also provides new discoveries about security breaches.
sgn
Shikata ga nai (仕方がない) encoder ported into go with several improvements
tiny_tracer
A Pin tool for tracing API calls, etc.
venom-rs
Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)
Yara-Rules
Repository of Yara Rules