thomasxm

followers

following

stars

United Kingdom

www.linkedin.com/in/thomasxm

Thomas M's starred repositories

LdrLockLiberator

For when DLLMain is the only way

Language:CMIT33100

blackdagger

Blackdagger is a DAG-based automation tool specifically used in DevOps, DevSecOps, MLOps, MLSecOps, and Continuous Red Teaming (CART).

Language:GoGPL-3.04100

CodeHawk-Binary

CodeHawk Binary Analyzer for malware analysis and general reverse engineering

Language:PythonMIT2200

redteamvillage_website

The source code of the DEF CON Red Team Offense Village website

Language:CSSBSD-3-Clause800

Stardust

A modern 64-bit position independent implant template

Language:C98800

Akira-obfuscator

Another LLVM-obfuscator based on LLVM-17. A fork of Arkari

Apache-2.05200

HERCULES

HERCULES is a special payload generator that can bypass antivirus softwares.

Language:GoMIT59500

avclass

AVClass malware labeling tool

MIT100

donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

Language:CBSD-3-Clause339100

vt-go

The official Go client library for VirusTotal API

Language:GoApache-2.016900

FourEye

AV Evasion Tool For Red Team Ops

Language:CApache-2.074600

Shoggoth

Shoggoth: Asmjit Based Polymorphic Encryptor

Language:C++62400

EfiGuard

Disable PatchGuard and Driver Signature Enforcement at boot time

Language:C++GPL-3.0171300

northpole-ssh-certs-fa

Language:Python300

meow

Cybersecurity research results. Simple C/C++ and Python implementations

Language:C15100

python-scraping

Code samples from the book Web Scraping with Python http://shop.oreilly.com/product/0636920034391.do

Language:Jupyter Notebook432700

github-markdown-printer

Print GitHub Flavored Markdown exactly as it appears on GitHub

Language:CSS9500

Dirty-Vanity

A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417

Language:C60700

caldera

Automated Adversary Emulation Platform

Language:PythonApache-2.0537900

zero-trust-architecture

Principles to help you design and deploy a zero trust architecture

NOASSERTION162800

defcon27_csharp_workshop

Writing custom backdoor payloads with C# - Defcon 27 Workshop

Language:C#104800

procfilter

A YARA-integrated process denial framework for Windows

Language:C++MIT39700

CS-Notes

我的自学笔记，终身更新，当前专注System基础、MLSys。

Language:Python373200

botsv2

Splunk Boss of the SOC version 2 dataset.

CC0-1.034900

plaso_filters

Scripts to facilitate filtering with Plaso

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

Language:CMIT939300

BHEU22-ADFS

Writing Your Own Ticket to the Cloud Like APT: A Deep-dive to AD FS Attacks, Detections, and Mitigations

MIT1200

aikido_wiper

Language:PythonBSD-3-Clause6200

qiling

A True Instrumentable Binary Emulation Framework

Language:PythonGPL-2.0497000

OSX-QuickLook-Parser

Parse the Mac Quickook index.sqlite database

Language:Python5100