sbousseaden's repositories
EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
PCAP-ATTACK
PCAP samples for different post-exploitation techniques
macOS-ATTACK-DATASET
JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.
APT_Digital_Weapon
Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.
PythonForWindows
A codebase aimed at making interaction with Windows and native code execution easier
OffensiveVBA
This repo covers code execution and AV evasion methods for macros in Office documents
Windows-Kernel-Explorer
A free but powerful Windows kernel research tool.
ExchangeLogCollector
Exchange Log Collection Script
injectAllTheThings
Seven different DLL injection techniques in one single project.
ioc-scanner-CVE-2019-19781
Indicator of Compromise Scanner for CVE-2019-19781
malware-ioc
Indicators of compromise (IOCs) from our various investigations
Revoke-Obfuscation
PowerShell Obfuscation Detection Framework
Windows-classic-samples
This repo contains samples that demonstrate the API used in Windows classic desktop applications.
CVE-2020-0688_EXP
Exploit for CVE-2020-0688 with automatic payload triggering and an encryption method
CVE-2020-0796-PoC
PoC for triggering the buffer overflow in CVE-2020-0796
detection-rules
Rules for Elastic Security's detection engine
fastir_artifacts
Live forensic artifact collector
mbc-markdown
MBC content in markdown
protections-artifacts
Elastic Security detection content for Endpoint
WindowsProtocolTestSuites
Windows Protocol Test Suites provide interoperability testing against an implementation of the Windows open specifications.
ysoserial.net
Deserialization payload generator for a variety of .NET formatters