Hossam Mostafa's starred repositories
Parasite-Invoke
Hide your P/Invoke signatures through other people's signed assemblies
Conferences
Conference presentation slides
commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
CVE-2024-3094-info
Information for CVE-2024-3094
Psinfo
Psinfo is a Volatility plugin which collects process-related information from the VAD (Virtual Address Descriptor) and PEB (Process Environment Block) and displays the collected information and suspicious memory regions for all the processes running on the system. This plugin should allow a security analyst to get the process-related information and spot any process anomaly without having to run multiple plugins.
digital-forensics-lab
Digital forensics lab course, as offered in FAST NUCES Karachi during Spring 2023.
Mobileforensics
Python scripts for doing Android or iOS mobile forensics
Santoku-Linux
Linux Distro for Mobile Security, Malware Analysis, and Forensics
OSINT-FORENSICS-MOBILE
Tools OSINT MOBILE
AutoParser
AutoParser is a forensic tool for parsing offline registry hives.
EVTX-to-MITRE-Attack
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases.
Calendarinho
Manage Your Large Team of Consultants
osquery-defense-kit
Production-ready detection & response queries for osquery
sysmon-modular
A repository of sysmon configuration modules