SWaNk (salemarsm)

Company: VectorCrow technologies

Location: WWW

Home Page: vectorcrow.com

Twitter: @pegabizu

SWaNk's repositories

RansomWatch

Ransomware detection application for Windows using Windows Minifilter driver

Language: C++ | Stargazers: 1 | Issues: 0 | Issues: 0

Adrena

Software Protector

Language: JavaScript | License: GPL-2.0 | Stargazers: 0 | Issues: 1 | Issues: 0

C2ReverseProxy

A tool for reverse proxying and CS (Cobalt Strike) check-in in environments without outbound network access

Language: Go | Stargazers: 0 | Issues: 0 | Issues: 0

goWMIExec

Really stupid re-implementation of invoke-wmiexec

Language: Go | Stargazers: 0 | Issues: 0 | Issues: 0

CiDllDemo

Use ci.dll API for validating Authenticode signature of files

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

CVE-2018-19320

Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)

Stargazers: 0 | Issues: 0 | Issues: 0

DarkLoadLibrary

LoadLibrary for offensive operations

Stargazers: 0 | Issues: 0 | Issues: 0

file-system-filter

Windows file system filter driver - illustration of the technology

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

FSDefender

Technion CS Ransomware Project: Writing Windows Mini-Filter Driver to protect PC from Ransomware

Stargazers: 0 | Issues: 0 | Issues: 0

hidden

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes, etc.

Stargazers: 0 | Issues: 0 | Issues: 0

HideDriver

The previous version was for 7600, which made compiling a hassle every time. Updated to one that compiles directly with VS2017.

Stargazers: 0 | Issues: 0 | Issues: 0

injdrv

proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

Kernelmode-manual-mapping-through-IAT

Manual mapping without creating any threads, with rw only access

Stargazers: 0 | Issues: 0 | Issues: 0

LazyCopy

NTFS minifilter driver that can download file content from a remote location, when it is opened for the first time.

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

netspy

netspy is a tool for quickly discovering reachable internal network segments (powered by the Tianwei team of Sangfor's Deep Blue Lab)

Language: Go | Stargazers: 0 | Issues: 0 | Issues: 0

OffensiveVBA

This repo covers some code execution and AV Evasion methods for Macros in Office documents

License: BSD-2-Clause | Stargazers: 0 | Issues: 0 | Issues: 0

PELoader

PE loader with various shellcode injection techniques

Stargazers: 0 | Issues: 0 | Issues: 0

PPLdump

Dump the memory of a PPL with a userland exploit

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

PPLRunner

Run Processes as PPL with ELAM

Stargazers: 0 | Issues: 0 | Issues: 0

Prevent_File_Deletion

Record & prevent file deletion in kernel mode

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

procfilter

A YARA-integrated process denial framework for Windows

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

Screwed-Drivers

"Screwed Drivers" centralized information source for code references, links, etc.

Language: PowerShell | License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

stats

A well tested and comprehensive Golang statistics library package with no dependencies.

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

T.D.P.

Using Thread Description To Hide Shellcodes

Language: C++ | Stargazers: 0 | Issues: 0 | Issues: 0

TheSubZeroProject

A multi-staged malware that contains a kernel mode rootkit and a remote system shell.

Stargazers: 0 | Issues: 0 | Issues: 0

VMProtect-devirtualization

Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.

Stargazers: 0 | Issues: 0 | Issues: 0