yehias's repositories
advmlthreatmatrix
Adversarial Threat Matrix
avml
AVML - Acquire Volatile Memory for Linux
BOF_Collection
Various Cobalt Strike BOFs
Citadel
My small collection of pentesting scripts
cobalt_strike_extension_kit
Attempting to be an all in one repo for others' useful aggressor scripts as well as things we've found useful during Red Team Operations.
DetectionLab
Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
DeTTECT
Detect Tactics, Techniques & Combat Threats
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
email-header-analyzer
E-Mail Header Analyzer
gophercap
Accurate, modular, scalable PCAP manipulation tool written in Go.
HellsGate
Original C Implementation of the Hell's Gate VX Technique
herpaderping
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
invoke-atomicredteam
Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team project.
IRCoreForensicFramework
PowerShell / C# based cross-platform forensic framework for live incident response
irma
IRMA is an asynchronous & customizable analysis system for suspicious files.
Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files) and Zeek logs.
NetblockTool
Find netblocks owned by a company
ProxyBroker
Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS
PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
python-netflow-v9-softflowd
PyPI "netflow" package. NetFlow v9 parser, collector and analyzer implemented in Python 3. Developed and tested with softflowd
Security-Tool-Chest
A list of useful security and obfuscation tools useful for red and blue teaming activities. A list made possible by the provided references.
shad0w
A post exploitation framework designed to operate covertly on heavily monitored environments
Telegram-RAT
Windows Remote Administration Tool via Telegram. Written in Python
TelemetrySourcerer
Enumerate and disable common sources of telemetry used by AV/EDR.
WinPmem
The multi-platform memory acquisition tool.
WinPwnage
UAC bypass, Elevate, Persistence methods