luom's starred repositories
auto-cpufreq
Automatic CPU speed & power optimizer for Linux
EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
RealBlindingEDR
Remove AV/EDR Kernel ObRegisterCallbacks, CmRegisterCallback, MiniFilter Callback, PsSetCreateProcessNotifyRoutine Callback, PsSetCreateThreadNotifyRoutine Callback, PsSetLoadImageNotifyRoutine Callback...
InlineExecute-Assembly
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in-process .NET assembly execution as an alternative to Cobalt Strike's traditional fork and run execute-assembly module
Proxy-Attackchain
Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All Exchange Server history vulns summarization :)
.NetConfigLoader
.NET config loader
SharpGmailC2
Our Friendly Gmail will act as the server, and the implant will exfiltrate data via SMTP and will read commands from the C2 (Gmail) via the IMAP protocol
autochk-rootkit
Reverse engineered source code of the autochk rootkit
hw-call-stack
Use hardware breakpoints to spoof the call stack for both syscalls and API calls
LoudSunRun
Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven
Cortex-XDR-Config-Extractor
Cortex XDR Config Extractor
CVE-2023-27532
Exploit for CVE-2023-27532 against Veeam Backup & Replication
angryorchard
A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022
ToyObfuscator
Toy LLVM obfuscator pass
PsNotifRoutineUnloader
This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCreateThreadNotifyRoutine from ESET Security to bypass the driver detection
ShelbyObfuscator
Obfuscator for LLVM 16.0.2