James Forshaw

Elite
@tyranid

oleviewdotnet. A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container

1.4k

DotNetToJScript. A tool to create a JScript file which loads a .NET v2 assembly from memory.

1.3k

ExploitRemotingService. A tool to exploit .NET Remoting Services

539

WindowsRpcClients. This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System from 7 to Windows 10.

287

blackhat-usa-2022-demos. Demos for the Blackhat USA 2022 talk "Taking Kerberos to the Next Level"

258

windows-security-internals. A repository for additional files related to the book Windows Security Internals with PowerShell from No Starch Press.

236

windows-logical-eop-workshop. C

233

CANAPE.Core. A network proxy library written in C# for .NET Core based on CANAPE

191

infosec-presentations. A repository of previous info-sec presentations I've presented.

166

IE11SandboxEscapes. Some example source code for fixed IE11 sandbox escapes.

141

DeviceGuardBypasses. A repository of some of my Windows 10 Device Guard Bypasses

139

ExploitDotNetDCOM. A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.

92

WindowsRuntimeSecurityDemos. Demos for Presentation on Windows Runtime Security

71

DotNetInteropDemos. A set of demos and a PowerShell module to interact with DotNetInterop.

69

windows-attacksurface-workshop. Workshop material for a Windows Attack Surface Analysis Workshop

68

ZeroNights2017. Some sample code from my Zero Nights 2017 presentation.

60

ExampleChatApplication. A simple example chat application written for .NET Core to learn network protocol analysis.

45

windows-memory-access-traps. A few examples of how to trap virtual memory access on Windows.

40

canape. CANAPE Network Testing Tool

34

DumpReparsePoints. This is a simple tool to dump all the reparse points on an NTFS volume.

33

Zer0Con_2018. Repository for my talk on Desktop Bridge at Zer0Con 2018.

33

setsidmapping. Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.

26

SuperFunkyChat. An example binary protocol application for learning CANAPE

24

44con_2014. Materials for 44con 2014 CANAPE Workshop

23

AxHell. A simple exploitable ActiveX control for RE/VR

19

bh2014. Built binaries for BH 2014 workshop

18

poc-gtfo-13-poc. This is the code to accompany the article "How Slow Can You Go?" from PoC||GTFO #13

12

canape-ssl-mitm-osx. A simple CANAPE extension to exploit iOS/OSX SSL vulnerability

10

pdbex. pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers

9

re. Some simple reverse engineering resources

6

saturndebug. My old old sega saturn debugger, for information purposes

6

Sourcey-Jack. Simple injection project to convert network connections to SOCKS

6

apple1_emu. A simple Apple I emulator written in Rust.

4

windbg_js_scripts. Toy scripts for playing with WinDbg JS API

4

prxtool. C

3

psplinkusb. C

2

Kanjidic-OSX. A project to convert Jim Breen's Kanji Dictionary to the OSX dictionary.app format

1
37
Apply