Skip to content
View orscohen's full-sized avatar
🎯
Focusing
🎯
Focusing
3 followers · 15 following

Block or report orscohen

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Lists (1)

Sort Name ascending (A-Z)
Sort by
Name ascending (A-Z) Name descending (Z-A) Newest Oldest Last updated

Stars

Showing results

mitre-atlas / arsenal

CALDERA plugin for adversary emulation of AI-enabled systems

Python 93 9 Updated Aug 7, 2023

GeSamaras / CybersecuritySOC

obsidian notes for soc level 1

1 Updated Oct 11, 2024

LOTTunnels / LOTTunnels.github.io

HTML 88 6 Updated Feb 17, 2025

magicsword-io / LOLDrivers

Living Off The Land Drivers

YARA 1,118 133 Updated Mar 3, 2025

KingKDot / Somalifuscator-Powershell-Edition

Stable powershell Obfuscator with lots of room for improvement

PowerShell 11 1 Updated Dec 13, 2024

KingKDot / SomalifuscatorV2

Most advanced and poorly coded windows batch obfuscator ever made (aka the best)

Python 300 40 Updated Jan 19, 2025

EvilBytecode / Lifetime-Amsi-EtwPatch

Two in one, patch lifetime powershell console, no more etw and amsi!

Go 83 14 Updated Jun 27, 2024

hackirby / skuld

Next-Gen Stealer written in Go. Stealing from Discord, Chromium-Based & Firefox-Based Browsers, Crypto Wallets and more, from every user on every disk. (PoC. For educational purposes only)

Go 267 66 Updated Dec 11, 2024

SecDbg / ThunderKitty

Forked from EvilBytecode/ThunderKitty

🔑 Open source stealer written in Go, all logs will be sent to Telegram bot.

Go 3 1 Updated Aug 6, 2024

Y0ung-DST / awesome-forensics

Forked from cugu/awesome-forensics

A curated list of awesome forensic analysis tools and resources

3 1 Updated Mar 2, 2023

ZeroMemoryEx / Amsi-Killer

Lifetime AMSI bypass

C++ 615 92 Updated Sep 26, 2023

ZeroMemoryEx / Blackout

kill anti-malware protected processes ( BYOVD) ( Microsoft Won)

C++ 925 137 Updated Jul 21, 2023

ZeroMemoryEx / Terminator

Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes

C++ 947 158 Updated Jun 20, 2023

syntheticlol / Discord-RAT

Discord RAT: A versatile bot-based C2 tool that can manage multiple clients at once.

Python 80 10 Updated Jul 10, 2024

pwn1sher / KillDefender

A small POC to make defender useless by removing its token privileges and lowering the token integrity

C++ 681 125 Updated Jun 28, 2022

cocomelonc / hack-process-hacker2

Proof of Concept example for abusing Process Hacker 2 (v2.39.124)

C++ 21 3 Updated Oct 30, 2024

C5Hackr / PEB-Redirection

C++ 9 Updated Oct 19, 2024

EvilBytecode / GoRedOps

🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educati…

Go 530 78 Updated Feb 7, 2025

BlackShell256 / Null-AMSI

Null-AMSI is an AMSI and ETW bypass that takes advantage of .NET types (.NET Reflection) to bypassing AV/EDR.

PowerShell 38 2 Updated Nov 22, 2024

mthcht / Purpleteam

Purpleteam scripts simulation & Detection - trigger events for SOC detections

PowerShell 181 19 Updated Dec 20, 2024

mthcht / ThreatHunting-Keywords-yara-rules

yara detection rules for hunting with the threathunting-keywords project

YARA 106 16 Updated Mar 2, 2025

RedSiege / Chromatophore

Utilities for obfuscating shellcode

C 54 6 Updated Jun 25, 2024

MalwareTech / EDR-Preloader

An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer

C++ 477 76 Updated Feb 13, 2024

mlcsec / EDRenum-BOF

Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.

C 117 9 Updated Oct 4, 2024

EvilBytecode / EDR-XDR-AV-Killer

Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver

Go 259 44 Updated Feb 7, 2025

FourCoreLabs / EDRHunt

Scan installed EDRs and AVs on Windows

Go 577 80 Updated Sep 14, 2023

senzee1984 / EDRPrison

Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry

C# 388 37 Updated Aug 2, 2024

ajpc500 / pyCaldera

A basic Python API client for MITRE Caldera

Jupyter Notebook 2 1 Updated May 26, 2024

avast / PurpleDome

Simulation environment for attacks on computer networks

Python 22 7 Updated Jun 1, 2022

SigmaHQ / sigma

Main Sigma Rule Repository

Python 8,775 2,283 Updated Mar 4, 2025
Next