wsummerhill

Will Summerhill's starred repositories

magika

Detect file content types with deep learning

Language:PythonApache-2.07567 36 369

flare-floss

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Language:PythonApache-2.03120 132 475

NetExec

The Network Execution Tool

Language:PythonBSD-2-Clause2626 23 120

The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems.

Language:PythonMIT1520 20 33

CursedChrome

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

Language:JavaScriptMIT1376 29 30

Shhhloader

Syscall Shellcode Loader (Work in Progress)

Language:PythonGPL-3.01082 25 34

Stardust

A modern 64-bit position independent implant template

Language:C987 20 2

CredMaster

Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling

Language:Python909 13 31

GraphRunner

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

Language:PowerShellMIT801 18 11

TelemetrySourcerer

Enumerate and disable common sources of telemetry used by AV/EDR.

Language:C++Apache-2.0744 30 4

SilkETW

Language:C#Apache-2.0702 42 14

PortBender

TCP Port Redirection Utility

Language:CApache-2.0659 8 4

Misconfiguration-Manager

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

Language:PowerShellGPL-3.0590 16 7

pywhisker

Python version of the C# tool for "Shadow Credentials" attacks

Language:PythonGPL-3.0558 9 8

GraphStrike

Cobalt Strike HTTPS beaconing over Microsoft Graph API

Language:C528 9 4

Evilginx2-Phishlets

Evilginx3 Phishlets version (0.2.3 & above) Only For Testing/Learning Purposes

Language:CSS496 33 23

MultiDump

MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.

Language:C432 5 3

SharpADWS

Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).

Language:C#420 6 2

ThreadlessInject-BOF

BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.

Language:CMIT360 5 2

caOptics

CA Optics - Azure AD Conditional Access Gap Analyzer

Language:JavaScriptMIT326 7 11

NativeDump

Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)

Language:C#314 4 1

COM-Hunter

COM Hijacking VOODOO

Language:C#MIT249 2 2

PurpleLab

PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection rules, simulate logs, and undertake various security tasks, all accessible through a user-friendly web interface

Language:PHPAGPL-3.0237 5 5