Starred repositories of omaramin17
The EET (Email Enumeration Tool) is a professional tool designed for red teaming. It allows you to send mass emails using SMTP and read emails from IMAP4 and POP3 servers.
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections won't be shared
GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
Generic PE loader for fast prototyping evasion techniques
emdnaia / EDRPrison
Forked from senzee1984/EDRPrison
Leverage a legitimate driver to silence EDR
Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) PhantomThread (An evolved callstack-masking implementation)
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry…
CarbonBlack EDR detection rules and response actions
Threadless Process Injection through entry point hijacking
Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
🐍 🔍 GuardDog is a CLI tool to Identify malicious PyPI and npm packages
A self-hosted dashboard that puts all your feeds in one place
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
I will be uploading all the code which I created with the help of either open-source projects or blogs. This is a step-by-step EDR learning path for me.
The open source Tines / Splunk SOAR alternative.
Analyze pcaps with Zeek and a Grafana Dashboard
An OSINT tool that uses Ahmia.fi to get hidden services and descriptions that match the user's query.
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
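darkPulse is a shellcode packer written in Go, used to generate a wide variety of shellcode loaders; it evades Huorong, 360 Core Crystal and other antivirus products common in China.
ShellCode_Loader - a CobaltStrike AV-evading shellcode loader and AV-evading shellcode encryption and generation tool; currently tested as evading 360, Huorong, Tencent PC Manager and Windows Defender. See the blog post https://www.vpss.cc/471.html
A new type of malicious program without Windows API: research on a stealthy, stable attack technique in which a self-defective program exploits a stack overflow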