SignToolEx: uses Microsoft Detours hooking library to hijack "signtool.exe" and modify expired code-signing certificates to appear valid, allowing to codesign without changing system clock
https://github.com/hackerhouse-opensource/SignToolEx
POC usermode <=> kernel communication via ALPC
https://github.com/pTerrance/alpc-km-um
New payloads to exploit Error-based SQL injection - PostgreSQL database
https://www.mannulinux.org/2023/12/New-payloads-to-exploit-Error-based-SQL-injection-PostgreSQL-database.html
A simple rpc2socks alternative in pure Go
https://github.com/zimnyaa/smbsocks
How I Found SQL Injection worth of $4,000 bounty
https://roberto99.medium.com/how-i-found-sql-injection-worth-of-4-000-bounty-16ca09cbf8ec
EDRception: PoC for abusing exception handlers to hook and bypass user mode EDR hooks
https://github.com/MalwareTech/EDRception
Simple Memory Patcher Made With API Hooking
https://github.com/idkhidden/Memory-Patcher
Probuster: A Python based Web Application Penetration testing tool for Information Gathering
https://github.com/sanjai-AK47/Probuster
Silly EDR Bypasses and Where To Find Them
https://malwaretech.com/2023/12/silly-edr-bypasses-and-where-to-find-them
Shadow-Pulse: information about ransomware groups (Ransomware Analysis Notes)
https://github.com/StrangerealIntel/Shadow-Pulse/
Leveraging Microsoft Protection Logging for Forensic Investigations
https://www.crowdstrike.com/blog/how-to-use-microsoft-protection-logging-for-forensic-investigations
This repository implements Threadless Injection in C
https://github.com/lsecqt/ThreadlessInject-C
AuthLogParser: is a powerful DFIR tool designed specifically for analyzing Linux authentication logs, commonly known as auth.log
https://github.com/YosfanEilay/AuthLogParser
smtpsmug: Script to help analyze mail servers for SMTP Smuggling vulnerabilities.
https://github.com/hannob/smtpsmug
Just another C2 Redirector using CloudFlare
https://github.com/som3canadian/Cloudflare-Redirector
Keres: a is Powershell rev-shell backdoor with persistence
https://github.com/ELMERIKH/Keres
Operation Triangulation: The last (hardware) mystery
https://securelist.com/operation-triangulation-the-last-hardware-mystery
secbutler: The perfect butler for pentesters, bug-bounty hunters and security researchers
https://github.com/groundsec/secbutler
Fake IP sources using Linux's BPF feature
https://github.com/CodeChina888/FakeToa
This is a POC for a CLR sleep obfuscation attempt
It use IHostMemoryManager interface to control the memory allocated by the CLR
https://github.com/lap1nou/CLR_Heap_encryption
The Google 0-day all Infostealer groups are exploiting
https://www.infostealers.com/article/the-0-day-all-infostealer-groups-are-exploiting
Def1nit3lyN0tAJa1lbr3akTool: A jailbreak tool for all arm64 devices on iOS 16.0 to iOS 16.5
https://github.com/KpwnZ/Def1nit3lyN0tAJa1lbr3akTool
vs-shellcode: Shellcode template is an Visual Studio in C++ to make shellcode on windows
https://github.com/RtlDallas/vs-shellcode
EDRSilencer: A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server
https://github.com/netero1010/EDRSilencer
Collection of forensic tools
https://github.com/cristianzsh/forensictools
A simple dependency injection library for Rust
https://github.com/m1guelpf/silhouette
SSH ProxyCommand == unexpected code execution (CVE-2023-51385)
https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce
sessionless: TokenSigner is a Burp Suite extension for editing, signing, verifying various signed web tokens
https://github.com/d0ge/sessionless
SharpHIBP: A C# Tool to gather information about email breaches
https://github.com/dmcxblue/SharpHIBP
codecave hook: reverse engineering toolkit
https://github.com/byte2mov/codecave-hook
