17 repositories owned by Matt Graeber

AntimalwareBlight (115 stars, 17 forks)
Execute PowerShell code at the antimalware-light protection level.

BCD (55 stars, 19 forks)
BCD is a module to interact with boot configuration data (BCD) either locally or remotely using the ROOT/WMI:Bcd* WMI classes. The functionality of the functions in this module mirrors that of bcdedit....
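The BCD module wraps the ROOT\WMI Bcd* classes. As an added example that is not part of that module or of this page, the PowerShell below reads the Windows boot loader entries of the system store directly through the BcdStore, BcdObject and BcdElement classes, locally or over a CIM session, and reports the elements that boot-integrity tampering usually touches (the bcdedit settings testsigning, nointegritychecks and recoveryenabled). The function name is mine; the object and element type constants are assumed to be the standard BCD object type and BcdLibraryElementTypes values and are labelled as such in the comments. It needs an elevated session and, for the remote case, WinRM access to the target.

```powershell
# Added example, not the BCD module's code: enumerate Windows boot loader entries through the
# ROOT\WMI BcdStore / BcdObject / BcdElement classes and pull out integrity-relevant elements.
# Requires an elevated session; -ComputerName is optional and uses a CIM session over WinRM.
function Get-BcdLoaderIntegritySettings {
    [CmdletBinding()]
    param(
        [string] $ComputerName
    )

    # Element types from the BcdLibraryElementTypes enumeration, with the bcdedit name each one
    # corresponds to. Assumed to be the standard values; cross-check against bcdedit /enum.
    $ElementTypes = [ordered]@{
        Description            = [uint32] 0x12000004  # description
        AllowPrereleaseSigs    = [uint32] 0x16000049  # testsigning
        DisableIntegrityChecks = [uint32] 0x16000048  # nointegritychecks
        AutoRecoveryEnabled    = [uint32] 0x16000009  # recoveryenabled
    }
    # Assumed standard BCD object type for Windows boot loader (osloader) entries.
    $WindowsLoaderObjectType = [uint32] 0x10200003

    $Session = if ($ComputerName) { New-CimSession -ComputerName $ComputerName } else { New-CimSession }
    try {
        # OpenStore with an empty File opens the system store, like bcdedit without /store.
        $Store = (Invoke-CimMethod -CimSession $Session -Namespace root/wmi -ClassName BcdStore `
                    -MethodName OpenStore -Arguments @{ File = '' } -ErrorAction Stop).Store

        # Equivalent of bcdedit /enum osloader: every Windows boot loader object in the store.
        $Loaders = (Invoke-CimMethod -CimSession $Session -InputObject $Store `
                      -MethodName EnumerateObjects -Arguments @{ Type = $WindowsLoaderObjectType } `
                      -ErrorAction Stop).Objects

        foreach ($Loader in $Loaders) {
            $Entry = [ordered]@{ Id = $Loader.Id }
            foreach ($Name in $ElementTypes.Keys) {
                # GetElement fails when the element is not present on the entry. bcdedit simply
                # omits such elements, so report them as $null instead of surfacing an error.
                $Element = $null
                try {
                    $Element = (Invoke-CimMethod -CimSession $Session -InputObject $Loader `
                                  -MethodName GetElement -Arguments @{ Type = $ElementTypes[$Name] } `
                                  -ErrorAction Stop).Element
                } catch { }

                # BcdStringElement exposes .String, BcdBooleanElement exposes .Boolean.
                if ($null -eq $Element)               { $Entry[$Name] = $null }
                elseif ($null -ne $Element.String)    { $Entry[$Name] = $Element.String }
                else                                  { $Entry[$Name] = $Element.Boolean }
            }
            [pscustomobject] $Entry
        }
    } finally {
        Remove-CimSession -CimSession $Session
    }
}

# Usage: list only loader entries whose settings weaken boot integrity or disable recovery,
# the changes a bcdedit-based tampering step would leave behind.
Get-BcdLoaderIntegritySettings |
    Where-Object { $_.AllowPrereleaseSigs -or $_.DisableIntegrityChecks -or $_.AutoRecoveryEnabled -eq $false } |
    Format-Table -AutoSize
```

Because the store and the objects are reached through the same CIM session, the same function runs unchanged against a remote host by passing -ComputerName, which is the property the BCD description is pointing at when it says "locally or remotely".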

BHUSA2018_Sysmon (139 stars, 24 forks)
All materials from our Black Hat 2018 "Subverting Sysmon" talk

capstone (17 stars, 5 forks)
Capstone disassembly framework: Core + Python + Ocaml + Java + C# bindings

CatalogTools (18 stars, 3 forks)
A PowerShell module to assist in parsing and managing catalog files.

CimSweep (610 stars, 162 forks)
CimSweep is a suite of CIM/WMI-based tools for performing incident response and hunting operations remotely across all versions of Windows.

DeviceGuardBypassMitigationRules (110 stars, 34 forks)
A reference Device Guard code integrity policy consisting of FilePublisher deny rules for published Device Guard configuration bypasses

PoCSubjectInterfacePackage (85 stars, 34 forks)
A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.

PowerShellArsenal (789 stars, 219 forks)
A PowerShell Module Dedicated to Reverse Engineering

PSReflect (204 stars, 66 forks)
Easily define in-memory enums, structs, and Win32 functions in PowerShell