Thomas M's repositories
ROP_ROCKET
ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Syscalls attack, a novel Heaven's Gate, and "shellcodeless" ROP. The framework utilizes emulation and obfuscation to help expand the attack surface.
asmjit
Low-latency machine code generation
awesome-censys-queries
A collection of fascinating and bizarre Censys Search Queries
blackdagger
Blackdagger is a DAG-based automation tool specifically used in DevOps, DevSecOps, MLOps, MLSecOps, and Continuous Red Teaming (CART).
bn_ifl
IFL - Interactive Functions List (plugin for Binary Ninja)
CodeHawk-Binary
CodeHawk Binary Analyzer for malware analysis and general reverse engineering
coffee
A COFF loader made in Rust
DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
emba
EMBA - The firmware security analyzer
HardeningMeter
HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems.
Havoc
The Havoc Framework.
IAT-Tracer
An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (.tag) files.
jekyll-theme-chirpy
A minimal, responsive, and feature-rich Jekyll theme for technical writing.
miasm
Reverse engineering framework in Python
obfuscator-bin2bin
fork of PE bin2bin obfuscator
pe_tools
A cross-platform Python toolkit for parsing/writing PE files.
pefile
pefile is a Python module to read and work with PE (Portable Executable) files
PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
pyMetaTwin
Copy metadata and digital signatures information from one Windows executable to another using Wine on a non-Windows platform
stealthguardian
StealthGuardian is a middleware layer that can be combined with adversary simulation tools to verify the resistance, detection level and behaviour detection of executed actions against defined defence mechanisms.
TangledWinExec
PoCs and tools for investigation of Windows process execution techniques
Tempest
A command and control framework written in rust.
unicorn-emulator
Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
zasm
x86-64 Assembler based on Zydis
zydis
Fast and lightweight x86/x86-64 disassembler and code generation library