Starred repositories
Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Creating a repository with all public Beacon Object Files (BoFs)
Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Coba…
A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.
This repository contains sample programs that mimic behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to …
Malware samples, analysis exercises and other interesting resources.
VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
Tools for discovery and abuse of COM hijacks
.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
Check for Antivirus Process and Services
This repository aims to compile all Flare-On challenge binaries and write-ups. Updated: 2014-2024.
Notes on responding to security breaches relating to Azure AD
This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at the forefront of the field. It serves as a central repository…
Rust Weaponization for Red Team Engagements.
Labs for Practical Malware Analysis & Triage
Collection of Event ID resources useful for Digital Forensics and Incident Response
Windows Event ID list in CSV format
Sysmon configuration file template with default high-quality event tracing
This repo contains the code for my secure code review challenges. People used this as the primary resource to pass FAANG AppSec interviews 😉