Moath Maharmeh's repositories
SharpStrike
A post-exploitation tool written in C# that uses either CIM or WMI to query remote systems.
SharpSpray
Active Directory password spraying tool. Auto fetches user list and avoids potential lockouts.
yara-scanner
YaraScanner is a file pattern-matching tool based on YARA rules.
RedWardenLite
A lightweight HTTP/HTTPS reverse proxy for efficient, policy-based traffic filtering and redirection.
PyExchangePasswordSpray
Microsoft Exchange password spray tool with proxy support.
file_watchtower
Lightweight File Integrity Monitoring Tool
web-log-analyzer
Web access log analyzer that provides insight into how remote hosts behave.
appsec-with-yara
Code review assistant repo. A collection of YARA rules to find potential security issues in code.
DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
RSA_AES_Test_Client_Server
Simple application for illustrating encrypted communications between a client and server over HTTP using RSA & AES Algorithms.
ess-notifier
Send Slack & email notifications whenever a new security notable event is triggered on Splunk Enterprise Security.
HTTP_Version_Detector
Multi-threaded HTTP service scanner. Discovers HTTP servers across a range of IPs.
sqlite-pooling
SQLite connection pooling with stress tests. Multi-layer architecture style.
Yara-Rules
Repository of Yara rules
link_guardian
Simple PHP script traffic filter and redirector
ADMap
Offensive tool for Active Directory reconnaissance
Backstab
A tool to kill antimalware protected processes
diffie_hellman_key_exchange
Simple application for illustrating encrypted communications between a client and server over HTTP using Diffie-Hellman & AES Algorithms.
ETWProcessMon2
ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
False-Positive-Center
Repository to help security vendors deal with false positives
hermes-dec
A reverse engineering tool for decompiling and disassembling React Native Hermes bytecode
PeNet
Portable Executable (PE) library written in .NET
PeNet.Asn1
ASN.1 parser used by PeNet to parse Authenticode signatures
php-weblogger
Simple PHP script for logging visitors information
RedWarden
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
reFlutter
Flutter Reverse Engineering Framework
WebHostHealthMonitor
Simple website health monitor tool