sbousseaden's repositories

injection-1

Windows process injection methods

Language: C | Stargazers: 12 | Issues: 1 | Issues: 0

evtx2es

Import Windows Eventlogs(.evtx) to ElasticSearch.

Language: Python | License: MIT | Stargazers: 4 | Issues: 1 | Issues: 0

APT_CyberCriminal_Campagin_Collections

APT & CyberCriminal Campaign Collection

Language: JavaScript | Stargazers: 3 | Issues: 0 | Issues: 0

MalConfScan

Volatility plugin for extracting configuration data from known malware

Language: Python | License: NOASSERTION | Stargazers: 3 | Issues: 1 | Issues: 0

WindowsDefenderATP-Hunting-Queries

Sample queries for Advanced hunting in Microsoft Defender ATP

Language: Jupyter Notebook | License: MIT | Stargazers: 3 | Issues: 1 | Issues: 0

APT_REPORT

Interesting APT report collection and some special IOC express

Language: Python | Stargazers: 2 | Issues: 1 | Issues: 0

auditd

Best Practice Auditd Configuration

License: Apache-2.0 | Stargazers: 2 | Issues: 1 | Issues: 0

rules

Repository of YARA rules

Language: YARA | License: GPL-2.0 | Stargazers: 2 | Issues: 2 | Issues: 0

sysmonx

SysmonX - An Augmented Drop-In Replacement of Sysmon

Language: C++ | License: MIT | Stargazers: 2 | Issues: 2 | Issues: 0

UACME

Defeating Windows User Account Control

Language: C | License: BSD-2-Clause | Stargazers: 2 | Issues: 1 | Issues: 0

AsyncRAT-C-Sharp

Open-Source Remote Administration Tool For Windows C# (RAT)

Language: C# | License: MIT | Stargazers: 1 | Issues: 1 | Issues: 0

defcon_27_windbg_workshop

DEFCON 27 workshop - Modern Debugging with WinDbg Preview

Stargazers: 1 | Issues: 0 | Issues: 0

HastySeries

ObscurityLabs RedTeam C# Toolkit

License: GPL-3.0 | Stargazers: 1 | Issues: 0 | Issues: 0

InfinityHook

Hook system calls, context switches, page faults and more.

Language: C++ | Stargazers: 1 | Issues: 1 | Issues: 0

OneOffs

Small random scripts for various things I find myself needing to repeat/automate

Language: Python | Stargazers: 1 | Issues: 1 | Issues: 0

osq-ext-bin

Extension to osquery for Windows that enhances it with real-time telemetry, log monitoring and other endpoint data collection

Language: PowerShell | License: NOASSERTION | Stargazers: 1 | Issues: 1 | Issues: 0

PeFixup

PE File Blessing - To continue or not to continue

Language: Python | License: GPL-3.0 | Stargazers: 1 | Issues: 1 | Issues: 0

PowerSploit

PowerSploit - A PowerShell Post-Exploitation Framework

Language: PowerShell | License: NOASSERTION | Stargazers: 1 | Issues: 1 | Issues: 0

sandbox-attacksurface-analysis-tools

Set of tools to analyze and attack Windows sandboxes.

Language: C# | License: Apache-2.0 | Stargazers: 1 | Issues: 1 | Issues: 0

unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack to inject shellcode straight into memory. Based on Matthew Graeber's PowerShell attacks and the PowerShell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at DEF CON 18.

Language: Python | License: NOASSERTION | Stargazers: 1 | Issues: 1 | Issues: 0

VBA-RunPE

A VBA implementation of the RunPE technique, or how to bypass application whitelisting.

Language: VBA | License: MIT | Stargazers: 1 | Issues: 1 | Issues: 0

Win10

Windows 10 related research

Language: PowerShell | License: MPL-2.0 | Stargazers: 1 | Issues: 1 | Issues: 0

azorult

Leaked AzoRult Panel

Language: PHP | Stargazers: 0 | Issues: 1 | Issues: 0

ConventionEngine

ConventionEngine - A YARA rule pack for PDB path hunting

Stargazers: 0 | Issues: 0 | Issues: 0

Empire

Empire is a PowerShell and Python post-exploitation agent.

Language: PowerShell | License: BSD-3-Clause | Stargazers: 0 | Issues: 1 | Issues: 0

pinjectra

Pinjectra is a C/C++ OOP-like library that implements process injection techniques (with a focus on Windows 10 64-bit)

Language: C++ | License: BSD-3-Clause | Stargazers: 0 | Issues: 1 | Issues: 0

RegRipper2.8

RegRipper version 2.8

Language: Perl | License: NOASSERTION | Stargazers: 0 | Issues: 1 | Issues: 0

SharpSploit

SharpSploit is a .NET post-exploitation library written in C#

Language: C# | License: BSD-3-Clause | Stargazers: 0 | Issues: 0 | Issues: 0