James Forshaw's repositories
DotNetToJScript
A tool to create a JScript file which loads a .NET v2 assembly from memory.
oleviewdotnet
A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container
ExploitRemotingService
A tool to exploit .NET Remoting Services
WindowsRpcClients
This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System from 7 to Windows 10.
blackhat-usa-2022-demos
Demos for the Blackhat USA 2022 talk "Taking Kerberos to the Next Level"
CANAPE.Core
A network proxy library written in C# for .NET Core based on CANAPE
infosec-presentations
A repository of previous info-sec presentations I've presented.
IE11SandboxEscapes
Some example source code for fixed IE11 sandbox escapes.
DeviceGuardBypasses
A repository of some of my Windows 10 Device Guard Bypasses
windows-security-internals
A repository for additional files related to the book Windows Security Internals with PowerShell from No Starch Press.
ExploitDotNetDCOM
A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.
WindowsRuntimeSecurityDemos
Demos for Presentation on Windows Runtime Security
DotNetInteropDemos
A set of demos and a PowerShell module to interact with DotNetInterop.
windows-attacksurface-workshop
Workshop material for a Windows Attack Surface Analysis Workshop
ZeroNights2017
Some sample code from my Zero Nights 2017 presentation.
ExampleChatApplication
A simple example chat application written for .NET Core to learn network protocol analysis.
Zer0Con_2018
Repository for my talk on Desktop Bridge at Zer0Con 2018.
DumpReparsePoints
This is a simple tool to dump all the reparse points on an NTFS volume.
setsidmapping
Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.
44con_2014
Materials for 44con 2014 CANAPE Workshop
SuperFunkyChat
An example binary protocol application for learning CANAPE
canape-ssl-mitm-osx
A simple CANAPE extension to exploit iOS/OSX SSL vulnerability
windbg_js_scripts
Toy scripts for playing with WinDbg JS API
apple1_emu
A simple Apple I emulator written in Rust.