
Repositories (each entry: description, then language; stars, forks; last updated):

Living Off The Land Drivers
YARA; 1,079 stars, 126 forks; updated Jan 13, 2025

Stable PowerShell Obfuscator with lots of room for improvement
PowerShell; 9 stars, 1 fork; updated Dec 13, 2024

Most advanced and poorly coded Windows batch obfuscator ever made (aka the best)
Python; 293 stars, 40 forks; updated Dec 15, 2024

Two in one, patch lifetime PowerShell console, no more ETW and AMSI!
Go; 84 stars, 14 forks; updated Jun 27, 2024

Next-Gen Stealer written in Go. Stealing from Discord, Chromium-Based & Firefox-Based Browsers, Crypto Wallets and more, from every user on every disk. (PoC. For educational purposes only)
Go; 249 stars, 58 forks; updated Dec 11, 2024

🔑 Open source stealer written in Go, all logs will be sent to Telegram bot.
Go; 3 stars, 1 fork; updated Aug 6, 2024

A curated list of awesome forensic analysis tools and resources
No language listed; 3 stars, 1 fork; updated Mar 2, 2023

Lifetime AMSI bypass
C++; 610 stars, 92 forks; updated Sep 26, 2023

kill anti-malware protected processes (BYOVD) (Microsoft Won)
C++; 916 stars, 137 forks; updated Jul 21, 2023

Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
C++; 938 stars, 155 forks; updated Jun 20, 2023

Discord RAT: A versatile bot-based C2 tool that can manage multiple clients at once.
Python; 74 stars, 11 forks; updated Jul 10, 2024

A small POC to make Defender useless by removing its token privileges and lowering the token integrity
C++; 674 stars, 124 forks; updated Jun 28, 2022

Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
C++; 19 stars, 3 forks; updated Oct 30, 2024

(no description)
C++; 9 stars; updated Oct 19, 2024

🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educati…
Go; 456 stars, 65 forks; updated Aug 12, 2024

Null-AMSI is an AMSI and ETW bypass that takes advantage of .NET types (.NET Reflection) to bypass AV/EDR.
PowerShell; 28 stars, 1 fork; updated Nov 22, 2024

Purpleteam scripts simulation & detection: trigger events for SOC detections
PowerShell; 169 stars, 19 forks; updated Dec 20, 2024

YARA detection rules for hunting with the threathunting-keywords project
YARA; 92 stars, 13 forks; updated Jan 12, 2025

Utilities for obfuscating shellcode
C; 49 stars, 6 forks; updated Jun 25, 2024

An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
C++; 473 stars, 76 forks; updated Feb 13, 2024

Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
C; 112 stars, 8 forks; updated Oct 4, 2024

Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
Go; 253 stars, 43 forks; updated Jul 7, 2024

Scan installed EDRs and AVs on Windows
Go; 574 stars, 80 forks; updated Sep 14, 2023

Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
C#; 364 stars, 35 forks; updated Aug 2, 2024

A basic Python API client for MITRE Caldera
Jupyter Notebook; 2 stars, 1 fork; updated May 26, 2024

Simulation environment for attacks on computer networks
Python; 22 stars, 7 forks; updated Jun 1, 2022

Main Sigma Rule Repository
Python; 8,599 stars, 2,248 forks; updated Jan 15, 2025

Detect WFP filters blocking EDR communications
PowerShell; 85 stars, 13 forks; updated Jan 5, 2024

AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.
Python; 170,566 stars, 44,843 forks; updated Jan 17, 2025

A tool that uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
C; 1,558 stars, 196 forks; updated Nov 3, 2024