Marcos Oviedo's repositories
GhidraSnippets
Python snippets for Ghidra's Program and Decompiler APIs
CheekyBlinder
Enumerating and removing kernel callbacks using signed vulnerable drivers
delete-self-poc
A way to delete a locked file, or the currently running executable, on disk.
impacket_static_binaries
Standalone binaries for Linux/Windows of Impacket's examples
InterProcessCommunication-Samples
Some Code Samples for Windows based Inter-Process-Communication (IPC)
printjacker
Hijack Printconfig.dll to execute shellcode
sakeInject
Windows PE - TLS (Thread Local Storage) Injector in C/C++
TelemetrySourcerer
Enumerate and disable common sources of telemetry used by AV/EDR.
WinDefend_ZeroDay
lol MS
Extensible-Storage-Engine
ESE is an embedded / ISAM-based database engine that provides rudimentary table and indexed access. However, the library provides many other strongly layered and thus reusable sub-facilities as well: a synchronization / locking library, a data-structures / STL-like library, an OS-abstraction layer, and a cache manager, as well as the full-blown database engine itself.
FileTest
Source code for File Test - Interactive File System Test Tool
IOXIDResolver
IOXIDResolver.py from Airbus Security
LogicalAnalyzer
Logical Analyzer is a C# library for determining if Rules apply to provided Objects
openprocmon
open source process monitor
sandboxtank
Windows sandbox using built-in functions
SharpEDRChecker
Checks running processes, process metadata, DLLs loaded into your current process and each DLL's metadata, common install directories, installed services and each service binary's metadata, installed drivers and each driver's metadata, all for the presence of known defensive products such as AVs, EDRs and logging tools.
shellcodeloader-1
shellcodeloader
vulnerable-AD
Create a vulnerable Active Directory that allows you to test most Active Directory attacks in a local lab
WindowsExploitationResources
Resources for Windows exploit development