Rules for Elastic Security's detection engine

Elastic Security detection content for Endpoint

This repo covers some code execution and AV Evasion methods for Macros in Office documents

The Source Code of HyperDbg Debugger 🐞

This repo contains samples that demonstrate the API used in Windows classic desktop applications.

A codebase aimed to make interaction with Windows and native execution easier

A post exploitation framework designed to operate covertly on heavily monitored enviroments

PoC for triggering buffer overflow via CVE-2020-0796

Windows Protocol Test Suites provide interoperability testing against an implementation of the Windows open specifications.

CVE-2020-0688_EXP Auto trigger payload & encrypt method

Deserialization payload generator for a variety of .NET formatters

This is a webshell open source project

Generic Signature Format for SIEM Systems

Indicator of Compromise Scanner for CVE-2019-19781

PowerShell Obfuscation Detection Framework

Searches For Threat Hunting and Security Analytics

Indicators of Compromises (IOC) of our various investigations

MBC content in markdown

Seven different DLL injection techniques in one single project.

Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.

Live forensic artifacts collector

Scripted Local Linux Enumeration & Privilege Escalation Checks

A free but powerful Windows kernel research tool.

Exchange Log Collection Script