Stars
A repository for additional files related to the book Windows Security Internals with PowerShell from No Starch Press.
Workshop material for a Windows Attack Surface Analysis Workshop
A repository of previous info-sec presentations I've presented.
This is the code to accompany the article "How Slow Can You Go?" from PoC||GTFO #13
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
A tool to create a JScript file which loads a .NET v2 assembly from memory.
Use Cloudflare to create HTTP pass-through proxies for unique IP rotation, similar to fireprox
Windows protocol library, including SMB and RPC implementations, among others.
The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.
EDR-Freeze is a tool that puts an EDR or antimalware process into a coma state.
A webshell and a normal file that have the same MD5
Python script to leverage MSFT_MTProcess WMI class
Azure Functions Python SDK
This repository is for active development of the Azure SDK for Python. For consumers of the SDK we recommend visiting our public developer docs at https://learn.microsoft.com/python/azure/ or our v…
Repository for the LOCK STAR initiative. This includes guidance and any supporting files for writeups.
🙈 Volkswagen detects when your tests are being run in a CI server, and makes them pass.
Automated subdomain enumeration for Paranoid Security & Dark OSINT
Living Under the Land on Linux ~ BSides Belfast 2025
Inboxfuscation is an advanced offensive & defensive framework for mailbox rule obfuscation and detection in Exchange environments.
"An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast Missouri State University Cyber Range - based off of my explo…
Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1