Stars
Learn how to design, develop, deploy and iterate on production-grade ML applications.
My curated list of awesome links, resources and tools on infosec related topics
Linker/Compiler/Tool detector for Windows, Linux and MacOS.
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditiona…
A More Comfortable (remote) SHell with full pty support and both reverse / bindport connection mode.
Ghidra is a software reverse engineering (SRE) framework
This is a simple example and explanation of obfuscating API resolution via hashing
AV/EDR evasion via direct system calls.
A collection of pwn/CTF related utilities for Ghidra
Inter-Process Communication Mechanisms
Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
Curated list of Unix binaries that can be exploited to bypass system security restrictions
Evasive shellcode loader for bypassing event-based injection detection (PoC)
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.
Simple (relatively) things allowing you to dig a bit deeper than usual.
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
A free but powerful Windows kernel research tool.
Materials for Windows Malware Analysis training (volume 1)