Schrodinger's starred repositories

fallout1-ce

Fallout for modern operating systems

Language: C++ | License: NOASSERTION | Stargazers: 2117 | Issues: 40 | Issues: 164

mubeng

An incredibly fast proxy checker & IP rotator with ease.

Language: Go | License: Apache-2.0 | Stargazers: 1554 | Issues: 37 | Issues: 57

darkPulse

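darkPulse is a shellcode packer written in Go, used to generate a wide variety of shellcode loaders, evading common Chinese antivirus products such as Huorong and 360 Core Crystal.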

injector

Library for injecting a shared library into a Linux or Windows process

Language: C | License: GPL-2.0 | Stargazers: 472 | Issues: 11 | Issues: 28

DLLirant

DLLirant is a tool to automate DLL hijacking research on a specified binary.

Language: C# | License: MIT | Stargazers: 463 | Issues: 9 | Issues: 0

nyxstone

Nyxstone: assembly / disassembly library based on LLVM, implemented in C++ with Rust and Python bindings, maintained by emproof.com

Language: C++ | License: MIT | Stargazers: 284 | Issues: 9 | Issues: 29

CVE-2024-26229

CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code

auto-enum

IDA Plugin to automatically identify and set enums for standard functions

nsh

The Noisy Sockets CLI

Language: Go | License: MPL-2.0 | Stargazers: 250 | Issues: 0 | Issues: 0

RWX_MEMEORY_HUNT_AND_INJECTION_DV

Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.

Language: C++ | License: MIT | Stargazers: 213 | Issues: 6 | Issues: 1

CTI-Analyst-Challenge

An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.

themida-unmutate

Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.

Language: Python | License: GPL-3.0 | Stargazers: 155 | Issues: 4 | Issues: 4

Lucid

An educational Bochs-based snapshot fuzzer project

Language: Rust | Stargazers: 138 | Issues: 8 | Issues: 0

Kdrill

Python tool to check rootkits in Windows kernel

Language: Python | License: BSD-3-Clause | Stargazers: 126 | Issues: 3 | Issues: 1

aidapal

aiDAPal is an IDA Pro plugin that uses a locally running LLM that has been fine-tuned for Hex-Rays pseudocode to assist with code analysis.

Threat-Actor-Profile-Guide

The Threat Actor Profile Guide for CTI Analysts

wcreddump

Fully automated Windows credentials dumper, from SAM (classic passwords) and WINHELLO (PINs). Must be run from a Linux machine with a mounted Windows drive.

main

Main repository for Valhalla, a first-person shooter game project inspired by old school and modern titles.

Language: C | License: NOASSERTION | Stargazers: 49 | Issues: 8 | Issues: 23

subcrawl

SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data with optional output modules, such as Elastic.

Language: Python | License: MIT | Stargazers: 46 | Issues: 2 | Issues: 0

msitools

Read-only mirror of https://gitlab.gnome.org/GNOME/msitools

Language: C | License: NOASSERTION | Stargazers: 43 | Issues: 7 | Issues: 0

NoWhere2Hide

C2 Active Scanner

Language: Go | Stargazers: 41 | Issues: 4 | Issues: 0

ADFSDump-PS

PowerShell Implementation of ADFSDump to assist with GoldenSAML

Language: PowerShell | Stargazers: 30 | Issues: 1 | Issues: 0

tbat

Threat Box Assessment Tool

Language: JavaScript | License: GPL-3.0 | Stargazers: 19 | Issues: 6 | Issues: 6

dnsdbflex

Command-line tool to use the DNSDB Flexible Search API extensions.

malicious-c2-infrastructure

Repository contains malware IP addresses of C2 infrastructure

Stargazers: 7 | Issues: 0 | Issues: 0

dfunc-bypasser

This tool is for letting you know how strong your disable_functions is and how you can bypass that.

Language: Python | Stargazers: 2 | Issues: 0 | Issues: 0