John U

5 repositories owned by John U

Windows10EtwEvents

260 stars, 56 forks

Events from all manifest-based and MOF-based ETW providers across Windows 10 versions

CFG-FindHiddenShellcode

93 stars, 12 forks

Walks the CFG bitmap to find previously executable but currently hidden shellcode regions

Etw-SyscallMonitor

45 stars, 5 forks

Monitors ETW for security-relevant syscalls, maintaining the set called by each unique process

EtwTi-FluctuationMonitor

90 stars, 10 forks

Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections

Get-InjectedThreadEx

23 stars, 4 forks

Fork of Get-InjectedThread - https://gist.github.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2