SharpHIBP: A C# Tool to gather information about email breaches
https://github.com/dmcxblue/SharpHIBP
https://github.com/dmcxblue/SharpHIBP
smtpsmug: Script to help analyze mail servers for SMTP Smuggling vulnerabilities.
https://github.com/hannob/smtpsmug
https://github.com/hannob/smtpsmug
sessionless: TokenSigner is a Burp Suite extension for editing, signing, verifying various signed web tokens
https://github.com/d0ge/sessionless
https://github.com/d0ge/sessionless
AuthLogParser: is a powerful DFIR tool designed specifically for analyzing Linux authentication logs, commonly known as auth.log
https://github.com/YosfanEilay/AuthLogParser
https://github.com/YosfanEilay/AuthLogParser
SSH ProxyCommand == unexpected code execution (CVE-2023-51385)
https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce
https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce
This repository implements Threadless Injection in C
https://github.com/lsecqt/ThreadlessInject-C
https://github.com/lsecqt/ThreadlessInject-C
A simple dependency injection library for Rust
https://github.com/m1guelpf/silhouette
https://github.com/m1guelpf/silhouette
Leveraging Microsoft Protection Logging for Forensic Investigations
https://www.crowdstrike.com/blog/how-to-use-microsoft-protection-logging-for-forensic-investigations
https://www.crowdstrike.com/blog/how-to-use-microsoft-protection-logging-for-forensic-investigations
Shadow-Pulse: information about ransomware groups (Ransomware Analysis Notes)
https://github.com/StrangerealIntel/Shadow-Pulse/
https://github.com/StrangerealIntel/Shadow-Pulse/
EDRSilencer: A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server
https://github.com/netero1010/EDRSilencer
https://github.com/netero1010/EDRSilencer
Silly EDR Bypasses and Where To Find Them
https://malwaretech.com/2023/12/silly-edr-bypasses-and-where-to-find-them
https://malwaretech.com/2023/12/silly-edr-bypasses-and-where-to-find-them
vs-shellcode: Shellcode template is an Visual Studio in C++ to make shellcode on windows
https://github.com/RtlDallas/vs-shellcode
https://github.com/RtlDallas/vs-shellcode
Probuster: A Python based Web Application Penetration testing tool for Information Gathering
https://github.com/sanjai-AK47/Probuster
https://github.com/sanjai-AK47/Probuster
Simple Memory Patcher Made With API Hooking
https://github.com/idkhidden/Memory-Patcher
https://github.com/idkhidden/Memory-Patcher
The Google 0-day all Infostealer groups are exploiting
https://www.infostealers.com/article/the-0-day-all-infostealer-groups-are-exploiting
https://www.infostealers.com/article/the-0-day-all-infostealer-groups-are-exploiting
Real profit
Silly EDR Bypasses and Where To Find Them https://malwaretech.com/2023/12/silly-edr-bypasses-and-where-to-find-them
EDRception: PoC for abusing exception handlers to hook and bypass user mode EDR hooks
https://github.com/MalwareTech/EDRception
https://github.com/MalwareTech/EDRception
This is a POC for a CLR sleep obfuscation attempt
It use IHostMemoryManager interface to control the memory allocated by the CLR
https://github.com/lap1nou/CLR_Heap_encryption
It use IHostMemoryManager interface to control the memory allocated by the CLR
https://github.com/lap1nou/CLR_Heap_encryption
How I Found SQL Injection worth of $4,000 bounty
https://roberto99.medium.com/how-i-found-sql-injection-worth-of-4-000-bounty-16ca09cbf8ec
https://roberto99.medium.com/how-i-found-sql-injection-worth-of-4-000-bounty-16ca09cbf8ec
Fake IP sources using Linux's BPF feature
https://github.com/CodeChina888/FakeToa
https://github.com/CodeChina888/FakeToa