0xrawsec / golang-etw

Related projects: ⓘ

• fkie-cad / yapscan
  Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.
  ☆55Updated last year
• synacktiv / AMSI-Bypass
  Lists of AMSI triggers (VBA, JScript / VBScript)
  ☆32Updated 5 years ago
• oiweiwei / go-msrpc
  The DCE/RPC / MS-RPC Codegen/Client for Go
  ☆35Updated last week
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆61Updated 2 years ago
• citronneur / kerlab
  Kerberos laboratory to better understand and then detecting attack on kerberos
  ☆67Updated 3 years ago
• audibleblink / dummyDLL
  Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
  ☆41Updated last year
• aus / gopherheaven
  Go implementation of the Heaven's Gate technique
  ☆92Updated 3 years ago
• iammaguire / Gotato
  Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.
  ☆111Updated 3 years ago
• pathtofile / commandline_cloaking
  A collection of projects demonstrating various commandline cloaking techniques on Linux
  ☆53Updated 2 years ago
• D00Movenok / goMalleable
  🔎🪲 Malleable C2 profiles parser and assembler written in golang
  ☆58Updated 4 months ago
• Ne0nd0g / go-clr
  A PoC package for hosting the CLR and executing .NET from Go
  ☆65Updated 2 months ago
• memN0ps / RustSCRunner
  ☆63Updated this week
• xforcered / Detect-Hooks
  Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR
  ☆94Updated 3 years ago
• vletoux / RPCForSMBLibrary
  Extension of SMBLibrary for RPC calls
  ☆33Updated 3 months ago
• vincd / savoir
  Savoir is a tool to perform tasks during internal security assessment
  ☆17Updated 2 years ago
• mez-0 / MoveScheduler
  .NET 4.0 Scheduled Job Lateral Movement
  ☆86Updated 4 years ago
• 0xballistics / inject2pe
  inject or convert shellcode to PE
  ☆38Updated 4 years ago
• RiccardoAncarani / TaskShell
  ☆56Updated 3 years ago
• SecIdiot / minbeacon
  ☆68Updated this week
• ustayready / roguerdp
  ☆33Updated 2 years ago
• elastic / PPLGuard
  ☆68Updated 11 months ago
• mobdk / Upsilon
  Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used
  ☆92Updated 3 years ago
• N4kedTurtle / HellsGatePoC
  ☆48Updated 4 years ago
• decoder-it / juicy_2
  juicypotato for win10 > 1803 & win server 2019
  ☆95Updated 3 years ago
• notsoshant / DCSyncer
  Perform DCSync operation without mimikatz
  ☆136Updated 2 years ago
• m0rv4i / Syscalls-Extractor
  ☆53Updated this week
• ayoul3 / reflect-pe
  Reflectively load PE
  ☆101Updated 4 years ago
• nettitude / RunOF
  ☆140Updated last year
• rasta-mouse / Fork-n-Run
  ☆69Updated 2 years ago
• audibleblink / dllexical
  easy dll proxying in go
  ☆11Updated 2 years ago