zer0luis Goto Github PK

advanced-process-injection-workshop

aneasymalware

An easy and basic malware code. VBA code <<Word, PowerPoint, Excel>> that download and autorun malware. This source code is only for educational purpose.

breach-parse

A tool for parsing breached passwords

c2-hunter

Extract C2 Traffic

chalice

Python Serverless Microframework for AWS

crassus

diffware

An extensively configurable tool providing a summary of the changes between two files or directories, ignoring all the fluff you don't care about.

dorks-shodan-2023

Shodan Dorks 2023

edrsandblast-godfault

EDRSandblast-GodFault

empire

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

epagneul

Graph Visualization for windows event logs

hacker-plus-theme

Hacker Plus is a GitHub pages theme tailor-made for the purpose of writing CTF Writeups/CP Solutions. Now, spreading knowledge is easier, as you don't have to go through the burden of designing and maintaining a website. Just write in markdown and push the commits!

idahunt

idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro

loldriverscan

macosir_recon

A bash script for recon in Incident Response and Malware Analysis.

msdocsviewer

msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.

msticpy

Microsoft Threat Intelligence Security Tools

nimblackout

Kill AV/EDR leveraging BYOVD attack

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

obpo-plugin

An ida plugin for recovering control flow flattening

pplblade

Protected Process Dumper Tool

pret

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.

r2frida

Radare2 and Frida better together.

rdpcredentialstealer

RDPCredentialStealer it's a malware that steal credentials provided by users in RDP using API Hooking with Detours in C++

reflutter

Flutter Reverse Engineering Framework

reg-restore-persistence-mole

a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Callback of sysmon driver filter. RegSaveKeyExW() and RegRestoreKeyW() API which is not included in monitoring. This POC will use

reinschauer

it is very good

scan4all

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

sckull.github.io

Writeups for TryHackMe and HackTheBox.

takemyrdp

A keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard input hook, allowing it to record keystrokes in certain contexts (like in mstsc.exe and CredentialUIBroker.exe)