HuskyHacks / the-crown-defcon615
Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk
☆44 · Updated 2 years ago
Related projects
Alternatives and complementary repositories for the-crown-defcon615
- ShellcodeFluctuation PoC ported to Nim ☆75 · Updated 2 years ago
- A simple C# program to unhook AMSI and execute unmanaged PowerShell. ☆19 · Updated 3 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique. ☆61 · Updated 2 years ago
- Playing with PE's and Building Structures by Hand ☆22 · Updated 2 years ago
- A collection of presentations and other contributions I have made to conferences. ☆35 · Updated 2 months ago
- Slides from my talk at the Adversary Village, Defcon 30 ☆29 · Updated last year
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS ☆35 · Updated 3 years ago
- A quick example of the Hells Gate technique in Nim ☆93 · Updated 3 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks). ☆53 · Updated 2 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies ☆32 · Updated 2 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post ☆22 · Updated 2 years ago
- ☆18 · Updated 11 months ago
- ☆29 · Updated 2 years ago
- ☆23 · Updated 2 years ago
- Nim version of MDSec's Parallel Syscall PoC ☆123 · Updated 2 years ago
- The repository accompanying the Buer Emulation workshop ☆23 · Updated 3 years ago
- ☆68 · Updated 2 years ago
- ☆38 · Updated 2 years ago
- ☆41 · Updated 2 years ago
- Attack chain emulator. Write recipes for initial access easily ☆20 · Updated last year
- Repository for slide decks of public talks I've given. ☆14 · Updated last year
- ☆23 · Updated 3 years ago
- Quickly search for references to a GUID in DLLs, EXEs, and drivers ☆59 · Updated 2 years ago
- A module for CME that spiders across a domain. ☆35 · Updated 2 years ago
- all credits go to @mgeeky ☆58 · Updated 3 years ago
- ☆37 · Updated last year
- ☆37 · Updated 6 months ago
- ☆51 · Updated 3 years ago