Jonathan Reiter's repositories

adversary_emulation_library

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Language: C | License: Apache-2.0 | Stargazers: 0 | Issues: 0

alpaca

Serialization library written in C++17 - Pack C++ structs into a compact byte-array without any macros or boilerplate code

Language: C++ | License: MIT | Stargazers: 0 | Issues: 0

Havoc

The Havoc Framework.

Language: Go | License: GPL-3.0 | Stargazers: 0 | Issues: 0

Banshee-Rootkit

Experimental Windows x64 Kernel Rootkit.

Stargazers: 0 | Issues: 0

Beacon_Source

not a reverse-engineered version of the Cobalt Strike Beacon

Language: C | Stargazers: 0 | Issues: 0

cookie-monster

BOF to steal browser cookies & credentials

License: GPL-3.0 | Stargazers: 0 | Issues: 0

DEFCON-31-Syscalls-Workshop

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

Language: C | Stargazers: 0 | Issues: 0

EDRPrison

Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry

Stargazers: 0 | Issues: 0

EDRSilencer

A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to their server.

Language: C | License: MIT | Stargazers: 0 | Issues: 0

Jigsaw

Hide shellcode by shuffling bytes into a random array and reconstruct at runtime

Stargazers: 0 | Issues: 0

KasperskyHook

Hook system calls on Windows by using Kaspersky's hypervisor

License: MIT | Stargazers: 0 | Issues: 0

lsa-whisperer

Tools for interacting with authentication packages using their individual message protocols

License: MIT | Stargazers: 0 | Issues: 0

MemoryModule

Library to load a DLL from memory.

License: MPL-2.0 | Stargazers: 0 | Issues: 0

mmLoader

A library for loading a DLL module from memory, bypassing the Windows PE loader (x86/x64)

License: MIT | Stargazers: 0 | Issues: 0

no-defender

A slightly more fun way to disable Windows Defender (through the WSC API).

License: GPL-3.0 | Stargazers: 0 | Issues: 0

NTFSObjectIDParser

Digital forensics tool that parses the $ObjID index file and correlates it with the $MFT

Language: C++ | License: GPL-3.0 | Stargazers: 0 | Issues: 0

ntfstool

Forensics tool for NTFS (parser, MFT, BitLocker, deleted files)

Language: C++ | License: MIT | Stargazers: 0 | Issues: 0

PE-LiteScan

A simple cross-platform heuristic PE analyzer

License: MIT | Stargazers: 0 | Issues: 0

PrivFu-getsysem

Kernel mode WinDbg extension and PoCs for token privilege investigation.

Language: C# | License: BSD-3-Clause | Stargazers: 0 | Issues: 0

Reflective_PE_Loader

Program to load a PE into the memory of another process.

License: MIT | Stargazers: 0 | Issues: 0

RexLdr

Rex Shellcode Loader for AV/EDR evasion

Stargazers: 0 | Issues: 0

sliver-copy

Adversary Emulation Framework

License: GPL-3.0 | Stargazers: 0 | Issues: 0

String-Obfuscator

Header-only library for C++14 providing guaranteed compile-time string literal obfuscation

License: Unlicense | Stargazers: 0 | Issues: 0

Voidgate-scode-encryptor

A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.

License: BSD-3-Clause | Stargazers: 0 | Issues: 0

websocketpp

C++ WebSocket client/server library

Language: C++ | License: NOASSERTION | Stargazers: 0 | Issues: 0