Stars
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Python API for the LimaCharlie.io service.
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
A repository of credential stealer formats
nsync is a C library that exports various synchronization primitives, such as mutexes
Interesting APT Report Collection And Some Special IOC
Pure rust windows prefetch parser implementation
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (pa…
Dump LSASS using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!)
Open source Tines / Splunk SOAR alternative. All-in-one automation platform (workflows, tables, cases) for security and IT teams.
Go mascot image constructor. Create your own cute gopher.
// Aesthetic, dynamic and minimal dots for Arch hyprland
CLI tools for forensic investigation of Windows artifacts
Forensic framework to build tools that can be reused in multiple projects without changing anything
A modern replacement for Redis and Memcached
Scripts to build a trimmed-down Windows 11 image.
Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes and direct syscalls, written in Rust
Efficient Deobfuscation of Linear Mixed Boolean-Arithmetic Expressions
Cloud-native search engine for observability. An open-source alternative to Datadog, Elasticsearch, Loki, and Tempo.
Code examples, data structures, and links from my book, Rust Atomics and Locks.
Collection of Cyber Threat Intelligence sources from the deep and dark web
Dynamically create a custom Windows based laboratory or clone a real Windows Network
Framework definitions that allow you to build a custom SIEM.