Itay Migdal's starred repositories
CallStackMasker
A PoC implementation for dynamically masking call stacks with timers.
Packer_Development
Slides & Code snippets for a workshop held @ x33fcon 2024
Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
kdmapper-rs
Rust port of kdmapper
Invoke-DumpMDEConfig
PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges required)
WALK_WebAssembly_Lure_Krafter
A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims at aiding with initial access during red teams and phishing exercises leveraging WASM smuggling techniques.
TotalRecall
This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.
psgetsystem
getsystem via parent process using ps1 & embedded C#
rust-windows-shellcode
Windows shellcode development in Rust
smbclient-ng
smbclient-ng, a fast and user-friendly way to interact with SMB shares.
InfinityHook_latest
ETW hook (syscall/infinity hook) compatible with the latest Windows version of PG
msg-extractor
Extracts emails and attachments saved in Microsoft Outlook's .msg files
cantordust
Public repository for Cantordust Ghidra plugin.