Jean-François Maes

Elite
@jfmaes

LazySign. Create fake certs for binaries using windows binaries and the power of bat files

571

SharpZipRunner. Executes position independent shellcode from an encrypted zip

304

Invoke-DLLClone. Koppeling x Metatwin x LazySign

218

SharpHandler. C#

188

AmsiHooker. Hookers are cooler than patches.

170

GG-AESY. Hide cool stuff in images :)

144

TrustJack. Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows

143

phisherman. A real fake social engineering app

129

SharpNukeEventLog. nuke that event log using some epic dinvoke fu

115

SharpLNKGen-UI. UI for creating LNKs

105

Backdoorplz. adding a backdooruser using win32api

79

DeepSleep. all credits go to @mgeeky

65

Red-EC2. Spin up RedTeam infrastructure on AWS via Ansible

64

aws_mini_ad. An Infrastructure as code proof of concept to deploy a bare minimum AD environment in AWS.

48

CSharpReflectionWorkshop. The repository that complements the From zero to hero: creating a reflective loader in C# workshop

40

Clippi-B. C#

38

CMDLL. the most basic DLL ever to pop a cmd.

25

Ansible-EmpireSuite. ansible roles to download and install empire (BC-Security),deathstar(byt3bl33der) and starkiller (BC-Security)

24

FunWithServerless. Python

24

Emulation-Workshop. The repository accompanying the Buer Emulation workshop

24

awesome-ai-workflow. opinionated workflow on LLM driven development.

22

Red-Route53-Interactive.

19

talks-cons. aggregated repo for all conferences and talks I am giving

17

downloadfix. inspired by mr d0x filefix

16

Ansible-Cobalt-Strike. An Ansible role to install cobalt-strike

16

Parsers. parsers to make life easier

13

SharpXOR. XOR crypt/decrypt using C#

12

blogposts-talks-and-tidbits. all random stuff that dont warrant a seperate repo

12

DRegHide. fun stuff with null bytes and dinvoke

10

SEC565-Tools. PowerShell

10

sharpbysentinel. lol firewall

9

maldev-for-dummies. A workshop about Malware Development

5

SilverRAT-FULL-Source-Code. This project contains an open source RAT (Remote Access Trojan).

4

x33fcon-workshop. PowerShell

3

NerveGas. messing around with ETW in C#

3

RegFetch. Interfaces with winsockets to fetch a txt file, parses the file and changes the registry accordingly

2

DInvoke. Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.

2

WinAPI-Tricks. Collection of various WINAPI tricks / features used or abused by Malware

2

PowerUpSQL. PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

2

Ransomware-Database. For educational purposes only, samples of ransomware/wiper trojans including screenshots/ransom-notes.

2

EDRSandblast-GodFault. EDRSandblast-GodFault

2

byor. Go

1

PyFuscation. Obfuscate powershell scripts by replacing Function names, Variables and Parameters.

1

Get-ServiceACL. courtesey of a gist I found on github

1

poc. Proof of Concepts

1

ragnarok. the only rag you'll ever need.

1
46
Apply