James Hemmings's repositories
AceLdr
Cobalt Strike UDRL for memory scanner evasion.
G0T-B0R3D
A bunch of code and scripts I wrote because I was bored.
FindObjects-BOF
A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or process handles.
Ares
Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique
EDR_Detector
EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system.
PPLDump_BOF
A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
Lazy-Importer
minimal msvc-windows exclusive lazy importer for C++
DripLoader
Evasive shellcode loader for bypassing event-based injection detection (PoC)
wsb-detect
wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB")
SharpClipHistory
SharpClipHistory is a .NET application written in C# that can be used to read the contents of a user's clipboard history in Windows 10 starting from the 1809 Build.
Empire
Empire is a PowerShell and Python post-exploitation agent.
vuln-advisories-
Repository of vulnerability advisories and their respective proof of concept's that I have discovered under responsible disclosure.
InfoSec-Scripts
Python Scripts
Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
Egress-Assess
Egress-Assess is a tool used to test egress data detection capabilities
Papers-Presentations
Whitepapers, and other university work that I have created.
FiredroidPager
Firedroid Pager - University Project