This script will pull and analyze syscalls in given application(s) allowing for easier security research purposes
☆21Mar 11, 2021Updated 4 years ago
Alternatives and similar repositories for SyscallExtractorAnalyzer
Users that are interested in SyscallExtractorAnalyzer are comparing it to the libraries listed below
Sorting:
- Cheatsheets and other Yealink Phone information.☆17Apr 13, 2018Updated 7 years ago
- Collections of way to evade normal detection events.☆23Sep 13, 2020Updated 5 years ago
- Collection of scripts, libraries, and other quick go to grabs☆23Feb 17, 2026Updated last week
- ☆16Dec 20, 2021Updated 4 years ago
- This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup…☆15Sep 5, 2020Updated 5 years ago
- Quick Start/Setup of CI/CD for Offensive/Defensive Purposes☆21Sep 4, 2021Updated 4 years ago
- Collection of Suricata rule sets that I use modified to my environments.☆39Sep 13, 2020Updated 5 years ago
- Send and receive messages over Named Pipes asynchronously.☆39Sep 17, 2021Updated 4 years ago
- the most basic DLL ever to pop a cmd.☆24Jul 11, 2020Updated 5 years ago
- Silent Cleanup UAC Bypass POC☆11Dec 15, 2019Updated 6 years ago
- Test Azure environment for MFA misconfigurations☆12Jan 13, 2023Updated 3 years ago
- A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.☆46Mar 1, 2021Updated 4 years ago
- ☆78Oct 18, 2022Updated 3 years ago
- A standalone python script leveraging ntdll for UEFI variable enumeration. This uses elements from the "chipsec" toolkit for formatting w…☆10Jul 25, 2023Updated 2 years ago
- CloudFlare Worker Shell☆14Aug 29, 2020Updated 5 years ago
- ☆13Jul 30, 2021Updated 4 years ago
- cloud-based interactive security exercises☆14Jul 13, 2020Updated 5 years ago
- D/Invoke port of UrbanBishop☆30Dec 13, 2020Updated 5 years ago
- Sentello is python script that simulates the anti-evasion and anti-analysis techniques used by malware.☆75Mar 7, 2021Updated 4 years ago
- all credits go to @mgeeky☆65Oct 14, 2021Updated 4 years ago
- ☆30May 1, 2025Updated 9 months ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆13Mar 17, 2022Updated 3 years ago
- Simple HTTP GET/POST example with WinINet in C++☆14Jul 27, 2017Updated 8 years ago
- Matt's DFIR blog☆14Jul 28, 2025Updated 6 months ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 6 years ago
- A collection of scripts used to support an OffSecOps pipeline.☆15Jan 31, 2021Updated 5 years ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- ☆13Aug 13, 2019Updated 6 years ago
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.☆17Jul 2, 2021Updated 4 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆16Sep 4, 2020Updated 5 years ago
- Integration between MISP platform and McAfee MVISION EDR☆14Mar 14, 2022Updated 3 years ago
- Just another useless C2 occupying space in some HDD somewhere.☆21Jul 4, 2023Updated 2 years ago
- A Django application to help red team operators manage a library of domain names☆167May 24, 2023Updated 2 years ago
- A "no frills" 1 class-only, C# .NET command line parser with support for - and / args, switches only, and Name : Values☆34Jan 20, 2026Updated last month
- I used this to see if an EDR is running in Safe Mode☆36Feb 13, 2021Updated 5 years ago
- dankAlerts is powered by Sysmon and Memes. Would you notice if a suspicious process was recorded in the event log?☆18Jun 24, 2020Updated 5 years ago
- ☆73Oct 24, 2021Updated 4 years ago
- A tool for leveraging elevated acess over a computer to boot the computer into Windows Safe Mode, alter settings, and then boot back into…☆16Nov 6, 2021Updated 4 years ago