memoryforensics1 / Vol3xp
Volatility Explorer Suite
☆60 · Updated last year
Related projects:
- volatility explorer ☆90 · Updated 3 years ago
- shared samples from #dailyphish and/or #apt tweets ☆31 · Updated this week
- Neton is a tool for getting information from Internet connected sandboxes ☆92 · Updated last year
- This repo is all about Blue teaming and CyberDefenders Write-up for their DFIR challenges ☆16 · Updated 10 months ago
- A collection of tools and detections for the Sliver C2 Framework ☆104 · Updated last year
- Windows Common Log File System Driver POC ☆94 · Updated 2 years ago
- Windows symbol tables for Volatility 3 ☆72 · Updated 2 months ago
- Collection of Volatility2 profiles, generated against Linux kernels. ☆25 · Updated last week
- This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections won't be shared ☆84 · Updated 11 months ago
- Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation. ☆54 · Updated last year
- An exploit for CVE-2022-42475, a pre-authentication heap overflow in Fortinet networking products ☆31 · Updated last year
- A BeaconEye implementation in Golang. It is used to detect the cobaltstrike beacon from memory and extract some configuration. ☆144 · Updated 2 years ago
- This repository contains a proof-of-concept exploit written in C++ that demonstrates the exploitation of a vulnerability affecting the Wi… ☆76 · Updated 6 months ago
- Memory Scanner ☆61 · Updated 2 years ago
- Learnings about Windows Internals ☆87 · Updated 10 months ago
- PoC for the CVE-2022-41080, CVE-2022-41082 and CVE-2022-41076 Vulnerabilities Affecting Microsoft Exchange Servers ☆90 · Updated last year
- Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag… ☆86 · Updated 11 months ago
- Windows LPE ☆92 · Updated 3 months ago
- To audit the security of read-only domain controllers ☆112 · Updated 9 months ago
- CVE-2021-1732 poc & exp; tested on 20H2 ☆66 · Updated 3 years ago
- YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes. ☆42 · Updated 10 months ago
- Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute… ☆152 · Updated last year
- POC for CVE-2021-21974 VMWare ESXi RCE Exploit ☆173 · Updated 3 years ago