thomasxm

Thomas M's repositories

BOAZ_beta

Multilayered AV/EDR Evasion Framework

Language:C++GPL-3.01000

ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Syscalls attack, a novel Heaven's Gate, and "shellcodeless" ROP. The framework utilizes emulation and obfuscation to help expand the attack surface.

Language:PythonGPL-3.0100

asmjit

Low-latency machine code generation

Language:C++Zlib000

awesome-censys-queries

A collection of fascinating and bizarre Censys Search Queries

CC0-1.0000

blackdagger

Blackdagger is a DAG-based automation tool specifically used in DevOps, DevSecOps, MLOps, MLSecOps, and Continuous Red Teaming (CART).

Language:GoGPL-3.0000

bn_ifl

IFL - Interactive Functions List (plugin for Binary Ninja)

Language:Python000

CodeHawk-Binary

CodeHawk Binary Analyzer for malware analysis and general reverse engineering

Language:PythonMIT000

emba

EMBA - The firmware security analyzer

Language:ShellGPL-3.0000

Havoc

The Havoc Framework.

Language:GoGPL-3.0000

IAT-Tracer

An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (.tag) files.

Language:Python000

jekyll-theme-chirpy

A minimal, responsive, and feature-rich Jekyll theme for technical writing.

MIT000

ldrgen

Template-based generation of shellcode loaders

Language:C000

LdrLockLiberator

For when DLLMain is the only way

Language:CMIT000

learning_llvm

Language:C++000

lightgrep

Command-line utility for multipattern search using liblightgrep

GPL-3.0000

linux-pe

COFF and Portable Executable format described using standard C++ with no dependencies.

BSD-3-Clause000

miasm

Reverse engineering framework in Python

Language:PythonGPL-2.0000

obfuscator-bin2bin

fork of PE bin2bin obfuscator

GPL-3.0000

pe_tools

A cross-platform Python toolkit for parsing/writing PE files.

Language:PythonMIT000

pefile

pefile is a Python module to read and work with PE (Portable Executable) files

Language:PythonMIT000

PSBits

Simple (relatively) things allowing you to dig a bit deeper than usual.

Unlicense000

pyMetaTwin

Copy metadata and digital signatures information from one Windows executable to another using Wine on a non-Windows platform

Language:Python000

rp-bf.rs

fork: rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump

MIT000

TangledWinExec

PoCs and tools for investigation of Windows process execution techniques

Language:C#BSD-3-Clause000

unicorn-emulator

Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)

Language:CGPL-2.0000

Windows-Internals

Important notes and topics on my journey towards mastering Windows Internals

Language:C++000

Winton

Command and Control (C2) framework

Language:GoMIT000

x64dbg

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Language:C++NOASSERTION000

zasm

x86-64 Assembler based on Zydis

MIT000

zydis

Fast and lightweight x86/x86-64 disassembler and code generation library

MIT000