A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals…

Small and highly portable detection tests based on MITRE's ATT&CK.

Simple (relatively) things allowing you to dig a bit deeper than usual.

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

LSASS memory dumper using direct system calls and API unhooking.

A tool to kill antimalware protected processes

A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC

Evading WinDefender ATP credential-theft

PoC to demonstrate how CLR ETW events can be tampered.