C.J. May
C.J. May
Similar idea to the [lsass dump detection rule](https://github.com/SigmaHQ/sigma/blob/master/rules/windows/file_event/file_event_win_lsass_dump.yml), this rule detects default file names outputted by SharpHound.
I've run into a issue with updating a list of embedded documents. There is an easy way around it for now, but I think it qualifies as a bug since...
Create a YARA rule to detect the compiled `jaws` binary as it would be created by the default Makefile.
Add the capability to dump interpreted instructions back into their own file, effectively making an extractor that can pull raw Jaws code out of any type of file.
This is probably going to go in its own repo, but it would be cool to have a tool that injects Jaws code into various types of files.
This is probably going to require the creation of a separate git repo, but I'm just putting in here for remembering later. The end goal is to be able to...
Add a debugger to Jaws to step through interpretation or enter the debugger when an error occurs. The debugger should be able to see what instruction the interpreter is on,...
The test program netcon.jaws works when the Jaws vm is built for Linux, but doesn't work on Windows. The Windows implementation uses winsocks2 rather than unix sockets, so the first...
I was trying to concatenate jaws code to the end of an elf binary for a CTF, but I ran into an issue where a false header was being picked...
Right now the reverse shell is limited and can't do things like tmux, vim, or even tab completion. I want to figure out a way to get an SSH-like session...