몾 Artemis @mixic@nanao.cybtex.fr

dpapi-ng v0.1.0

Python DPAPI NG Decryption Library

https://github.com/jborean93/dpapi-ng

​​LOLDrivers

Living Off The Land Drivers is a curated list of Microsoft Windows drivers used by adversaries

https://www.loldrivers.io

The game of chess is like a sword fight. You must think first, before you move.

hem-hashes

HIEW module to calc MD5, SHA-1 & SHA-256 hashes of a given file/block

https://github.com/merces/hem-hashes

Hunt-Weird-Syscalls

This project uses kernel based ETW providers to monitor for IOCs

https://github.com/thefLink/Hunt-Weird-Syscalls

ScareCrow v5.0.0

Payload creation framework designed around EDR bypass

https://github.com/optiv/ScareCrow

LAPSDecrypt.cs

PoC - LAPS v2

https://gist.github.com/xpn/23dc5b6c260a7571763ca8ca745c32f4

LDAP V3 pure Python client

TLS channel binding during NTML auth

https://github.com/cannatag/ldap3/pull/1087

kAFL

A fuzzer for full VM kernel / driver targets

https://github.com/IntelLabs/kAFL

PE-Obfuscator by TheD1rkMtr

https://github.com/TheD1rkMtr/PE-Obfuscator

DPAPISnoop

Output crackable DPAPI hashes from user MasterKeys

https://github.com/leftp/DPAPISnoop

YaraDBG v0.0.3

https://yaradbg.dev

TokenUniverse v0.3

Advanced tool for working with access tokens & Windows Security Policy

https://github.com/diversenok/TokenUniverse

PidLidReminderPwn.py

Exploiting Outlook CVE-2023-23397 using Python by sending the message through EWS

https://gist.github.com/tothi/d2d6c6a3e8b1d72ce6646d8683326e49

NewPowerDNS

Transfer files over DNS A records. NewPowerDNS is an updated version of PowerDNS by Dominic Chell (@domchell)

https://github.com/icyguider/NewPowerDNS

Aujourd'hui, SIGSEGV ne cesse de me narguer.

PPLmedic

Dump the memory of any PPL with a Userland exploit chain

https://github.com/itm4n/PPLmedic

HTTP Toolkit

Targeted interception for specific clients rather than intercepting everything and so avoids capturing irrelevant traffic or disrupting other applications

https://httptoolkit.com