Mohamed El Azaar (med0x2e)

Company: Yo.

Location: 127.0.0.1

Twitter: @med0x2e

Mohamed El Azaar's repositories

SigFlip

SigFlip is a tool for patching Authenticode-signed PE files (exe, dll, sys, etc.) without invalidating or breaking the existing signature.

Language: C# | License: MIT | Stargazers: 967 | Issues: 20 | Issues: 10

GadgetToJScript

A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.

Language: C# | License: GPL-3.0 | Stargazers: 830 | Issues: 25 | Issues: 14

ExecuteAssembly

Load/inject .NET assemblies by: reusing the host (spawnto) process's loaded CLR AppDomainManager, stomping loader/.NET assembly PE DOS headers, unlinking .NET-related modules, bypassing ETW+AMSI, avoiding EDR hooks via NT static syscalls (x64), and hiding imports by dynamically resolving APIs (hash).

NTLMRelay2Self

Another No-Fix LPE, NTLMRelay2Self over HTTP (WebDAV).

NoAmci

Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().

Language: C# | Stargazers: 211 | Issues: 7 | Issues: 0

vba2clr

Running .NET from VBA

Language: VBA | Stargazers: 128 | Issues: 3 | Issues: 0

NET-Assembly-Inject-Remote

.NET assembly local/remote loading/injection into memory.

Language: C# | Stargazers: 117 | Issues: 9 | Issues: 0

genxlm

A simple script to generate JScript code for calling Win32 API functions using XLM/Excel 4.0 macros via Excel.Application "ExecuteExcel4Macro".

Language: Go | License: GPL-3.0 | Stargazers: 87 | Issues: 3 | Issues: 1

RT-EWS

A PowerShell module including a couple of cmdlets for EWS enumeration/exploitation.

Language: PowerShell | Stargazers: 17 | Issues: 2 | Issues: 0

CSharpScripts

Collection of C# scripts

Language: C# | Stargazers: 5 | Issues: 2 | Issues: 0

SharpView

C# implementation of harmj0y's PowerView

Language: C# | License: MIT | Stargazers: 3 | Issues: 1 | Issues: 0

DidierStevensSuite

Please no pull requests for this repository. Thanks!

Language: YARA | Stargazers: 2 | Issues: 1 | Issues: 0

ProcessHider

Post-exploitation tool for hiding processes from monitoring applications

Language: C++ | Stargazers: 2 | Issues: 1 | Issues: 0

elk-detection-lab

An ELK environment containing interesting security datasets.

Language: Shell | Stargazers: 1 | Issues: 1 | Issues: 0

Scrncat

A script using OCR (pytesseract) and PIL to rename/order/group screenshots into PR/RT phases based on which RT/PT stage the executed commands correspond to, and to redact passwords based on common password patterns (regex) or a passwords/hashes list of choice.

Language: Python | Stargazers: 1 | Issues: 2 | Issues: 0

ICS-Security-Tools

Tools, tips, tricks, and more for exploring ICS Security.

Language: Python | License: CC-BY-4.0 | Stargazers: 0 | Issues: 1 | Issues: 0

maruos

Your phone is your PC.

License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0