Thomas M's starred repositories
LdrLockLiberator
For when DLLMain is the only way
blackdagger
Blackdagger is a DAG-based automation tool specifically used in DevOps, DevSecOps, MLOps, MLSecOps, and Continuous Red Teaming (CART).
CodeHawk-Binary
CodeHawk Binary Analyzer for malware analysis and general reverse engineering
redteamvillage_website
The source code of the DEF CON Red Team Offense Village website
Akira-obfuscator
Another LLVM-obfuscator based on LLVM-17. A fork of Arkari
python-scraping
Code samples from the book Web Scraping with Python http://shop.oreilly.com/product/0636920034391.do
github-markdown-printer
Print GitHub Flavored Markdown exactly as it appears on GitHub
Dirty-Vanity
A POC for the new injection technique, abusing the Windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417
zero-trust-architecture
Principles to help you design and deploy a zero trust architecture
defcon27_csharp_workshop
Writing custom backdoor payloads with C# - Defcon 27 Workshop
procfilter
A YARA-integrated process denial framework for Windows
plaso_filters
Scripts to facilitate filtering with Plaso
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
BHEU22-ADFS
Writing Your Own Ticket to the Cloud Like APT: A Deep-dive to AD FS Attacks, Detections, and Mitigations
OSX-QuickLook-Parser
Parse the Mac QuickLook index.sqlite database