Stars
Sysmon configuration based on Swift on Security
A method of bypassing EDRs' active protection DLLs by preventing entry point execution
smbclient-ng, a fast and user friendly way to interact with SMB shares.
Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)
Hide an IP address in scripts using hex/decimal/octal conversions
This repo contains some AMSI bypass methods I found on different blog posts.
Chepy is a python lib/cli equivalent of the awesome CyberChef tool.
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM and embedded RISC-V architectures.
A quick PowerShell utility which launches and immediately suspends a provided process for a specified amount of time.
A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
Generate a fake "systeminfo.exe" binary in order to hide the presence of a VM
Reconstructs command text by referencing env value character indexes. Can be run live and pull values directly from a host's env variables or alternatively by importing a csv file export of env var…
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for m…
Deobfuscates PowerShell format strings
Generate obfuscated PowerShell commands using XOR logic with random keys!
This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malware analysis. This can be used in production, however you migh…
xoreaxeaxeax / movfuscator
Forked from Battelle/movfuscator. The single instruction C compiler
Sandbox/Heuristic PowerShell Bypass
A collection of small scripts and tools for deobfuscation and malware analysis.
A Python script which simply obfuscates batch scripts by messing with the encoding.
A PowerShell script which calculates the octane rating of an ethanol/gasoline mixture based on the percentage of ethanol and the octane rating of the gasoline (i.e. 91 or 93)
A quick command line utility that uses simple addition to obfuscate individual characters, then executes the result
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share th…
Another Windows Local Privilege Escalation from Service Account to System