Discover @med0x2e Open Source projects

Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Assembly

Swift

Nix

Groovy

CSS

C

C++

MATLAB

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Kotlin

Dart

C++

Nix

Clojure

Scala

C#

Racket

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇨🇴 Colombia

🇵🇲 Saint Pierre and Miquelon

🇹🇻 Tuvalu

🇬🇺 Guam

🇧🇧 Barbados

🇦🇺 Australia

🇻🇦 Vatican City

🇭🇳 Honduras

All Countries Compare Countries

Mohamed El Azaar (@med0x2e)

med0x2e

Stars
3,199
Global Rank 8,810 (Top 0.4 %)
Followers 536
Following 3
Registered about 11 years ago
Most used languages

C#
40.0 %

C
10.0 %

PowerShell
10.0 %

Go
10.0 %

C++
10.0 %

VBA 10.0 %

Python
10.0 %
Location 🇦🇪 United Arab Emirates
Country Total Rank 18
Country Ranking

C#
1

VBA 1

C
2

C++
2

PowerShell
3

Go
15

Python
592

SigFlip

SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.

GadgetToJScript

A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.

ExecuteAssembly

Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avoiding EDR hooks via NT static syscalls (x64) and hiding imports by dynamically resolving APIs (hash).

NTLMRelay2Self

An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).

NoAmci

Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().

vba2clr

Running .NET from VBA

NET-Assembly-Inject-Remote

.NET assembly local/remote loading/injection into memory.

genxlm

A simple script to generate JScript code for calling Win32 API functions using XLM/Excel 4.0 macros via Excel.Application "ExecuteExcel4Macro"

RT-EWS

A Powershell module including a couple of cmdlets for EWS Enum/Exploitation.

Scrncat

A script using OCR (pytesseract) and PIL to rename/order/group Screenshots into PR/RT phases based on which RT/PT stage executed commands correspond to & Redact passwords based on common password patterns (Regex) or a passwords/hashes list of choice.