Zhongyuan Hau (Aaron)'s starred repositories
BlackLotus
BlackLotus UEFI Windows Bootkit
BloodHound.py
A Python based ingestor for BloodHound
Awesome-CloudSec-Labs
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
Awesome-Vulnerability-Research
🦄 A curated list of the awesome resources about the Vulnerability Research
awesome-list
Cybersecurity oriented awesome list
DEFCON-31-Syscalls-Workshop
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
semgrep-rules
A collection of my Semgrep rules to facilitate vulnerability research.
KQL-threat-hunting-queries
A repository of KQL queries focused on threat hunting and threat detection for Microsoft Sentinel & Microsoft XDR (formerly Microsoft 365 Defender).
windows-dll-hijacking
Project for identifying executables and DLLs vulnerable to relative path DLL hijacking.
Linux-Incident-Response
A practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response.
elastic-container
Stand up a simple Elastic container with Kibana, Fleet, and the Detection Engine
sharem
SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also contains its own custom disassembler, with many innovative features, such as being able to show the deobfuscated disassembly of an encoded shellcode, or integrating emulation data to enhance the disassembly.
frameless-bitb
A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and the use with Evilginx.
UnhookingPatch
Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
threathunting-spl
Splunk code (SPL) for serious threat hunters and detection engineers.
Sentinel-SOC-101
Content and collateral for the Microsoft Sentinel SOC 101 series
hackthebox
My WriteUps for HackTheBox CTFs, Machines, and Sherlocks.