  • Stars: 53
  • Rank 552,529 (Top 11 %)
  • Language: Go
  • License: GNU General Publi...
  • Created almost 3 years ago
  • Updated over 2 years ago

Repository Details

A collection of projects demonstrating various commandline cloaking techniques on Linux

More Repositories

1

bad-bpf

A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29
C
530
star
2

Sealighter

Sysmon-Like research tool for ETW
C++
328
star
3

SealighterTI

Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
C
159
star
4

PPLRunner

Run Processes as PPL with ELAM
C
141
star
5

bpf-hookdetect

Detect syscall hooking using eBPF
C
139
star
6

siemcraft

Security Information and Event Management in Minecraft
Go
115
star
7

bpf-pipesnoop

Example program using eBPF to log data being passed in using shell pipes
C
40
star
8

toucli

Use TouchID and the Secure Enclave to encrypt data from the commandline.
Swift
15
star
9

SimpleAmsiProvider

A simple provider to analyse what gets passed into Microsoft's Anti-Malware Scan Interface
C++
13
star
10

tf_wireguard

Simple Terraform Scripts to setup a WireGuard server on various cloud providers.
HCL
11
star
11

https.server

Python SimpleHTTPServer wrapped in TLS
Python
8
star
12

bpf-uprobedbg

C
7
star
13

ctlwatcher

Monitor Certificate Transparency logs for domains matching regexes.
Rust
6
star
14

ld_preload_go

Simple example of creating an `LD_PRELOAD` library in Go that hooks LibC's main function.
Go
5
star
15

ebpf-pinned-fentry

Example how to run eBPF probes without a usermode process using fentry
C
3
star
16

Presentations

A Repo to hold slides from presentations, etc.
3
star
17

cookiecache

Simplify getting and using cookies from the browser to use in Python.
Python
3
star
18

dockenv

Dockenv - Run python in docker the easy way
Python
2
star
19

etwRunner

Basic KrabsETW runner template
C++
2
star
20

terraform-provider-bitlaunch

BitLaunch Terraform Provider
Go
2
star
21

pyauditlogger

Auto-Add Python 3.8 audit hooks to all python scripts
Python
1
star
22

hijack-watcher

Rust version of HijackWatcher
Rust
1
star
23

etw_watcher

Using GitHub Actions to create commit diffs
PowerShell
1
star
24

PowerInject

Inject Interactive PowerShell into an arbitrary process
C
1
star
25

sigstore-watcher

Watches SigStore Code Signing Logs
Rust
1
star
26

sgproxy

Basic HTTP/S proxy. Created to add HTTP Auth to a request from a client that doesn't support supplying auth in the URL, for example VS Code's Jupyter Notebook Server browser.
Go
1
star
27

Puppeteer-Stealth-Docker

This is a simple example of how to do stealthy headless Chrome web scraping from a Docker container.
Dockerfile
1
star