몾 Artemis @mixic@nanao.cybtex.fr

• ntrlmrelay.py_to_exe

https://github.com/LuemmelSec/ntrlmrelay.py_to_exe

🎸 Pinyo Kinyo r0x

ObjectWalker v2.1.6 by Rémi Gascou

#Python module to explore the object tree to extract paths to interesting targets / objects in memory

https://github.com/p0dalirius/objectwalker

• Process_String_Extractor.ps1

This scriplet is also able to extract Cookies for Microsoft O365 / Microsoft Azure PTC Attack

https://gist.github.com/LuemmelSec/3f2c4b7642dc7b2ae63601ed02ec3db5

A simple client for LOLDrivers

https://github.com/rtfmkiesel/loldrivers-client

dpapi-ng v0.1.0

Python DPAPI NG Decryption Library

https://github.com/jborean93/dpapi-ng

​​LOLDrivers

Living Off The Land Drivers is a curated list of Microsoft Windows drivers used by adversaries

https://www.loldrivers.io

The game of chess is like a sword fight. You must think first, before you move.

hem-hashes

HIEW module to calc MD5, SHA-1 & SHA-256 hashes of a given file/block

https://github.com/merces/hem-hashes

Hunt-Weird-Syscalls

This project uses kernel based ETW providers to monitor for IOCs

https://github.com/thefLink/Hunt-Weird-Syscalls

ScareCrow v5.0.0

Payload creation framework designed around EDR bypass

https://github.com/optiv/ScareCrow

LAPSDecrypt.cs

PoC - LAPS v2

https://gist.github.com/xpn/23dc5b6c260a7571763ca8ca745c32f4

LDAP V3 pure Python client

TLS channel binding during NTML auth

https://github.com/cannatag/ldap3/pull/1087

kAFL

A fuzzer for full VM kernel / driver targets

https://github.com/IntelLabs/kAFL

PE-Obfuscator by TheD1rkMtr

https://github.com/TheD1rkMtr/PE-Obfuscator

DPAPISnoop

Output crackable DPAPI hashes from user MasterKeys

https://github.com/leftp/DPAPISnoop

YaraDBG v0.0.3

https://yaradbg.dev

TokenUniverse v0.3

Advanced tool for working with access tokens & Windows Security Policy

https://github.com/diversenok/TokenUniverse