Proof of Concepts for malicious maintainers: How to Tamper with Releases built with GitHub Actions Worfklows, presented at fwd:cloudsec Europe 2025
☆78Sep 16, 2025Updated 5 months ago
Alternatives and similar repositories for release-tampering-pocs
Users that are interested in release-tampering-pocs are comparing it to the libraries listed below
Sorting:
- CLI version of NetworkMiner (https://www.netresec.com/?page=NetworkMiner)☆13Dec 1, 2025Updated 3 months ago
- Static analysis for llvm☆20Mar 31, 2015Updated 10 years ago
- Daily C2 threat intelligence feed☆19Mar 3, 2026Updated last week
- ☆18Oct 28, 2025Updated 4 months ago
- Inter-procedural analysis framework and dependency/information-flow analysis for LLVM☆19Mar 2, 2013Updated 13 years ago
- Tips, Tricks, and Scripts for Linux Post Exploitation☆38Mar 13, 2023Updated 2 years ago
- AWS X-Ray for Covert Command & Control☆45Oct 13, 2025Updated 4 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆85Aug 13, 2024Updated last year
- Living Under the Land on Linux ~ Bsides Belfast/Vienna 2025☆38Nov 22, 2025Updated 3 months ago
- A tool to identify and remediate common misconfigurations in Active Directory Certificate Services☆17Jan 13, 2024Updated 2 years ago
- Ludus range for the Constructing Defense Lab☆106Feb 23, 2026Updated 2 weeks ago
- SCAM - Security Comprehension Awareness Measure | Open-source benchmark that tests AI agents' security awareness during realistic, multi-…☆93Feb 12, 2026Updated 3 weeks ago
- A curated collection of Living off the Land (LotL) attack demonstrations where trusted binaries go rogue, because if it didn’t launch cal…☆35Jan 7, 2026Updated 2 months ago
- A beginner-friendly collection of Rust notes focused on Red Team Tooling • Malware Development • Systems Programming • Rust Fundamentals☆58Nov 24, 2025Updated 3 months ago
- Extracting Clear Text Passwords from mstsc.exe using API Hooking.☆18Nov 17, 2019Updated 6 years ago
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆93Jul 7, 2025Updated 8 months ago
- By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be byp…☆14May 25, 2025Updated 9 months ago
- Decrypt GlobalProtect configuration and cookie files.☆157Sep 10, 2024Updated last year
- A frightfully intelligent algorithmic trading automaton of noble birth. Sir Reginald's prime directive: to acquire undervalued assets pos…☆42Sep 18, 2025Updated 5 months ago
- ☆28Jan 10, 2024Updated 2 years ago
- (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs.☆132Sep 4, 2025Updated 6 months ago
- Some of my custom "tools".☆28Feb 21, 2022Updated 4 years ago
- ☆26Jun 2, 2022Updated 3 years ago
- A collection of small scripts and tools for deobfuscation and malware analysis.☆67Mar 27, 2023Updated 2 years ago
- Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org☆123Nov 9, 2022Updated 3 years ago
- ☆78Aug 1, 2023Updated 2 years ago
- ☆29Mar 2, 2023Updated 3 years ago
- Additional materials for RootedCON 2015 Apache Struts talk☆30Mar 6, 2015Updated 11 years ago
- ☆31Mar 21, 2023Updated 2 years ago
- ☆13Aug 5, 2025Updated 7 months ago
- Privileger is a tool to work with Windows Privileges☆139Feb 7, 2023Updated 3 years ago
- Crane POAM Automation Tool (C-PAT™)☆15Feb 28, 2026Updated last week
- ☆10Updated this week
- time-based user enum via Basic Auth in Azure against Autodiscover☆34Oct 3, 2024Updated last year
- CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)☆45Oct 16, 2024Updated last year
- Notes for the PJPT exam!☆14Aug 8, 2024Updated last year
- AI Bill of Materials through source code scanning☆33Feb 25, 2026Updated last week
- Libary for using OScam dvbapi within various applications. This Plugin is not for usage, only experiment and research.☆11Jan 4, 2024Updated 2 years ago
- A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system☆43Oct 30, 2024Updated last year