naksyn / talksLinks
Repo containing my public talks
☆23Updated 2 years ago
Alternatives and similar repositories for talks
Users that are interested in talks are comparing it to the libraries listed below
Sorting:
- Small tool to play with IOCs caused by Imageload events☆42Updated 2 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆56Updated 2 years ago
- ☆23Updated last year
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52Updated last year
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS☆38Updated 3 years ago
- Piece of code to detect and remove hooks in IAT☆63Updated 3 years ago
- ☆45Updated last year
- Fork of Get-InjectedThread - https://gist.github.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2☆41Updated last year
- ☆26Updated 3 months ago
- a tiny program to consume from ETW providers for research☆48Updated 5 months ago
- Simple and sane cryptographic wrapper library.☆27Updated 2 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 10 months ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆43Updated 2 years ago
- Quickly search for references to a GUID in DLLs, EXEs, and drivers☆74Updated 3 years ago
- quASAR: ASAR manipulation made easy☆38Updated 2 years ago
- Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation☆31Updated 2 years ago
- A more reliable way of resolving syscall numbers in Windows☆49Updated last year
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆14Updated last year
- Python module for running BOFs☆70Updated last year
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆53Updated 5 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- Ghosting-AMSI☆17Updated last month
- ☆48Updated last year
- ☆33Updated 3 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆88Updated 2 years ago
- ☆75Updated 2 years ago
- ☆14Updated last year
- ☆23Updated last year
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year