tigr0w's repositories
stackrox_stackrox
The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment.
espressif_esp-idf
Espressif IoT Development Framework. Official development framework for Espressif SoCs.
daem0nc0re_PrivFu
Kernel mode WinDbg extension and PoCs for token privilege investigation.
ChiChou_grapefruit
(WIP) Runtime Application Instruments for iOS. Previously Passionfruit
fortra_impacket
Impacket is a collection of Python classes for working with network protocols.
BlWasp_rs-shell
A dirty PoC for a reverse shell with cool features in Rust
memN0ps_illusion-rs
Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)
e-m-b-a_emba
EMBA - The firmware security analyzer
rapid7_metasploit-framework
Metasploit Framework
DataDog_KubeHound
Kubernetes Attack Graph
ParticulaCode_GoDiceUnityDemo
GoDice Unity Demo
infosecB_LOOBins
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in macOS binaries and how they can be used by threat actors for malicious purposes.
LloydLabs_delete-self-poc
A way to delete a locked file, or current running executable, on disk.
ExaTrack_Kdrill
Python tool to check rootkits in Windows kernel
zblurx_dploot
DPAPI looting remotely in Python
BishopFox_sliver
Adversary Emulation Framework
binarly-io_Vulnerability-REsearch
Binarly Vulnerability Research Advisories
magicsword-io_LOLDrivers
Living Off The Land Drivers
gtworek_PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
Yamato-Security_hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
GTFOArgs_GTFOArgs.github.io
GTFOArgs is a curated list of programs and their associated arguments that can be exploited to gain privileged access or execute arbitrary commands, using argument injection.
darkoperator_dnsrecon
DNS Enumeration Script
kubescape
kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by to NSA and CISA (https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/)
EgeBalci_deoptimizer
Machine code de-optimizer.
diversenok_TokenUniverse
An advanced tool for working with access tokens and Windows security policy.
Processus-Thief_HEKATOMB
Hekatomb is a python script that connects to LDAP directory to retrieve all computers and users informations. Then it will download all DPAPI blob of all users from all computers and uses Domain backup keys to decrypt them.
tiny_tracer
A Pin Tool for tracing API calls etc
klezVirus_SilentMoonwalk
PoC Implementation of a fully dynamic call stack spoofer
cecio_USBvalve
Expose USB activity on the fly