Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Perl

PHP

Clojure

Ruby

Lua

Emacs Lisp

Julia

Haskell

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Rust

Scala

F#

Ada

Nix

Swift

C#

Elm

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇸🇪 Sweden

🇱🇷 Liberia

🇪🇬 Egypt

🇧🇯 Benin

🇩🇯 Djibouti

🇸🇬 Singapore

🇧🇭 Bahrain

🇰🇬 Kyrgyzstan

All Countries Compare Countries

mattifestation/WMI_Backdoor

This repository has been archived on 14/Sep/2022
Stars
269
Rank 152,662 (Top 4 %)
Language
PowerShell
License
BSD 3-Clause "New...
Created over 9 years ago
Updated over 9 years ago

mattifestation/WMI_Backdoor

mattifestation

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

A PoC WMI backdoor presented at Black Hat 2015

WMI_Backdoor

A PoC WMI backdoor presented at Black Hat 2015

PowerShellArsenal

A PowerShell Module Dedicated to Reverse Engineering

CimSweep

CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.

PIC_Bindshell

Position Independent Windows Shellcode Written in C

PSSysmonTools

Sysmon Tools for PowerShell

PSReflect

Easily define in-memory enums, structs, and Win32 functions in PowerShell

WDACTools

A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies

WinPETools

A module designed to simplify the creation, customization, and deployment of bootable Windows Preinstallation Environment (WinPE) images.

BHUSA2018_Sysmon

All materials from our Black Hat 2018 "Subverting Sysmon" talk

AntimalwareBlight

Execute PowerShell code at the antimalware-light protection level.

DeviceGuardBypassMitigationRules

A reference Device Guard code integrity policy consisting of FilePublisher deny rules for published Device Guard configuration bypasses

PoCSubjectInterfacePackage

A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.

BCD

BCD is a module to interact with boot configuration data (BCD) either locally or remotely using the ROOT/WMI:Bcd* WMI classes. The functionality of the functions in this module mirror that of bcdedit.exe.

WDACPolicies

A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies

TCGLogTools

A set of tools to retrieve and parse TCG measured boot logs. Microsoft refers to these as Windows Boot Confirguration Logs (WBCL). In order to retrieve these logs, you must be running at least Windows 8 with the TPM enabled.

WindowsEventLogMetadata

Event metadata collected across all manifest-based ETW providers on Window 10 1903

ShellcodeExec

A simple shellcode runner

CatalogTools

A PowerShell module to assist in parsing and managing catalog files.

UnicornPowerShell

A PowerShell binding for the Unicorn Engine

MSFTTraceMessageFormat

All TMF files that I extracted from Microsoft PDBs.

mattifestation