Gabriel Landau (gabriellandau)


Company: Elastic

Location: Maryland

Twitter: @GabrielLandau

Gabriel Landau's repositories

Language: C | License: NOASSERTION | Stargazers: 475 | Issues: 8 | Issues: 5

ShadowStackWalk

Finding Truth in the Shadows

Language: C++ | License: NOASSERTION | Stargazers: 75 | Issues: 3 | Issues: 0

CISpotter

Code Integrity Violation Spotter

Language: C++ | License: MIT | Stargazers: 15 | Issues: 3 | Issues: 0

ExtendedAttributeIpecac

Kernel EA Ipecac

Language: C++ | License: MIT | Stargazers: 6 | Issues: 3 | Issues: 0

ANGRYORCHARD

A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.

Language: C | Stargazers: 3 | Issues: 1 | Issues: 0

OffensivePH

OffensivePH - use old Process Hacker driver to bypass several user-mode access controls

Language: C | License: GPL-3.0 | Stargazers: 3 | Issues: 0 | Issues: 0

PPLmedic

Dump the memory of any PPL with a Userland exploit chain

Language: C++ | Stargazers: 1 | Issues: 1 | Issues: 0

.github

Default Elastic community health files

Stargazers: 0 | Issues: 1 | Issues: 0

AntimalwareBlight

Execute PowerShell code at the antimalware-light protection level.

Language: PowerShell | License: BSD-3-Clause | Stargazers: 0 | Issues: 0 | Issues: 0

ctypes-windows-sdk

Ctypes port of Windows SDK (only small subset)

Language: Python | License: ISC | Stargazers: 0 | Issues: 1 | Issues: 0

CVE-2022-21894

baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability

Language: C | License: Unlicense | Stargazers: 0 | Issues: 0 | Issues: 0

dellicious

Enable / Disable LSA Protection via BYOVD

Language: C++ | License: BSD-3-Clause | Stargazers: 0 | Issues: 1 | Issues: 0

ecs

Elastic Common Schema

Language: Python | License: Apache-2.0 | Stargazers: 0 | Issues: 1 | Issues: 0

grimreaper

An improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedure Calls

License: NOASSERTION | Stargazers: 0 | Issues: 0 | Issues: 0

KExecDD

Admin to Kernel code execution using the KSecDD driver

Stargazers: 0 | Issues: 0 | Issues: 0

kibana

Your window into the Elastic Stack

Language: TypeScript | License: NOASSERTION | Stargazers: 0 | Issues: 1 | Issues: 0

livedump

Automatically exported from code.google.com/p/livedump

Language: C++ | License: GPL-3.0 | Stargazers: 0 | Issues: 1 | Issues: 0

moneta

Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs

Language: C++ | License: GPL-3.0 | Stargazers: 0 | Issues: 1 | Issues: 0

PPLdump

Dump the memory of a PPL with a userland exploit

Language: C | Stargazers: 0 | Issues: 1 | Issues: 0

PPLKiller

Tool to bypass LSA Protection (aka Protected Process Light)

Language: C++ | Stargazers: 0 | Issues: 1 | Issues: 0

psutil

Cross-platform lib for process and system monitoring in Python

Language: Python | License: BSD-3-Clause | Stargazers: 0 | Issues: 1 | Issues: 0

pytest

The pytest framework makes it easy to write small tests, yet scales to support complex functional testing

Language: Python | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

Silhouette

Keep it secret, keep it safe

Language: C | License: NOASSERTION | Stargazers: 0 | Issues: 1 | Issues: 0

systeminformer

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com

Language: C | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

TitanLdr

Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH

Language: C | Stargazers: 0 | Issues: 1 | Issues: 0

WinObjEx64

Windows Object Explorer 64-bit

Language: C | License: BSD-2-Clause | Stargazers: 0 | Issues: 1 | Issues: 0