rysaunders

0

followers

following

stars

Ryan Saunders's starred repositories

ROADtoken

Language:C#7600

material-ui

Material UI: Comprehensive React component library that implements Google's Material Design. Free forever.

Language:TypeScriptMIT9344900

toolpad

Toolpad: Full stack components and low-code builder for dashboards and internal apps.

Language:TypeScriptMIT97300

TripleCross

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

Language:CGPL-3.0176000

SweetPotato

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

Language:C#157500

Alaris

A protective and Low Level Shellcode Loader that defeats modern EDR systems.

Language:CApache-2.088400

Venom

Venom - A Multi-hop Proxy for Penetration Testers

Language:GoMIT199200

ScareCrow

ScareCrow - Payload creation framework designed around EDR bypass.

Language:Go271700

Omnispray

Modular Enumeration and Password Spraying Framework

Language:Python10400

pspy

Monitor linux processes without root permissions

Language:GoGPL-3.0487400

bpfmon-example

proof-of-concept example of using eBPF to Monitor for eBPF Map tampering

Language:CBSD-3-Clause2000

traitor

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Language:GoMIT661200

rmiscout

RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

Language:JavaMIT42000

ADFSpoof

Language:PythonApache-2.034900

ADFSDump

Language:C#Apache-2.030900

bypass-clm

PowerShell Constrained Language Mode Bypass

Language:C#22300

PowerShdll

Run PowerShell with rundll32. Bypass software restrictions.

Language:C#MIT174500

DAMP

The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification

Language:PowerShellBSD-3-Clause37300

donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

Language:CBSD-3-Clause351700

CsWin32

A source generator to add a user-defined set of Win32 P/Invoke methods and supporting types to a C# project.

Language:C#MIT206500

drltrace

Drltrace is a library calls tracer for Windows and Linux applications.

Language:HTMLBSD-3-Clause38700

hetty

An HTTP toolkit for security research.

Language:GoMIT606600

defcon27_csharp_workshop

Writing custom backdoor payloads with C# - Defcon 27 Workshop

Language:C#108100

InfinityHook

Hook system calls, context switches, page faults and more.

Language:C++238200

DefenderCheck

Identifies the bytes that Microsoft Defender flags on.

Language:C#BSD-3-Clause226400

Invoke-CradleCrafter

PowerShell Remote Download Cradle Generator & Obfuscator

Language:PowerShellApache-2.081800

WeaponsTraining

Weapons Training for the Empire Workshop

1300

Sickle

Payload development framework

Language:Python55900

freeCodeCamp

freeCodeCamp.org's open-source codebase and curriculum. Learn to code for free.

Language:TypeScriptBSD-3-Clause40244300

BookPlayer

The code running on the RasPi powered, RFID controlled audio book player

Language:Python3600