mgeeky
{
"type": "http://schema.org/Person",
"name": "",
"description": "",
"followers": "",
"url": "",
"location": "",
"languages": [
"PowerShell",
"PowerShell",
"C++",
"Python",
"C++",
"Python"
],
"users": [
{
"name": "@mgeeky",
"avatar": "https://avatars.githubusercontent.com/u/654344?s=64&v=4"
},
{
"name": "@mgeeky",
"avatar": "https://avatars.githubusercontent.com/u/654344?s=64&v=4"
},
{
"name": "View mgeeky's full-sized avatar",
"avatar": "https://avatars.githubusercontent.com/u/654344?v=4"
},
{
"name": "@fashionproof",
"avatar": "https://avatars.githubusercontent.com/u/54709343?s=70&v=4"
},
{},
{
"name": "@1angly",
"avatar": "https://avatars.githubusercontent.com/u/28299381?s=70&v=4"
},
{},
{},
{},
{},
{},
{
"name": "@natesubra",
"avatar": "https://avatars.githubusercontent.com/u/12102127?s=70&v=4"
},
{},
{},
{},
{}
],
"topics": []
}
Binary-Offensive.com
{
"avatar": "https://avatars.githubusercontent.com/u/654344?v=4",
"name": "Mariusz Banach",
"username": "mgeeky",
"description": "🔴 Red Team operator. \n👾 I live & breath Windows malware. 🛡️ Securing the world by stealing cyber criminals' operation theater and exposing it through code",
"location": "Poland",
"vcard": "<svg class=\"octicon octicon-organization\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" height=\"16\" aria-hidden=\"true\"><path d=\"M1.75 16A1.75 1.75 0 0 1 0 14.25V1.75C0 .784.784 0 1.75 0h8.5C11.216 0 12 .784 12 1.75v12.5c0 .085-.006.168-.018.25h2.268a.25.25 0 0 0 .25-.25V8.285a.25.25 0 0 0-.111-.208l-1.055-.703a.749.749 0 1 1 .832-1.248l1.055.703c.487.325.779.871.779 1.456v5.965A1.75 1.75 0 0 1 14.25 16h-3.5a.766.766 0 0 1-.197-.026c-.099.017-.2.026-.303.026h-3a.75.75 0 0 1-.75-.75V14h-1v1.25a.75.75 0 0 1-.75.75Zm-.25-1.75c0 .138.112.25.25.25H4v-1.25a.75.75 0 0 1 .75-.75h2.5a.75.75 0 0 1 .75.75v1.25h2.25a.25.25 0 0 0 .25-.25V1.75a.25.25 0 0 0-.25-.25h-8.5a.25.25 0 0 0-.25.25ZM3.75 6h.5a.75.75 0 0 1 0 1.5h-.5a.75.75 0 0 1 0-1.5ZM3 3.75A.75.75 0 0 1 3.75 3h.5a.75.75 0 0 1 0 1.5h-.5A.75.75 0 0 1 3 3.75Zm4 3A.75.75 0 0 1 7.75 6h.5a.75.75 0 0 1 0 1.5h-.5A.75.75 0 0 1 7 6.75ZM7.75 3h.5a.75.75 0 0 1 0 1.5h-.5a.75.75 0 0 1 0-1.5ZM3 9.75A.75.75 0 0 1 3.75 9h.5a.75.75 0 0 1 0 1.5h-.5A.75.75 0 0 1 3 9.75ZM7.75 9h.5a.75.75 0 0 1 0 1.5h-.5a.75.75 0 0 1 0-1.5Z\"></path></svg>\n <span class=\"p-org\"><div>Binary-Offensive.com</div></span>\n",
"vcardDetails": [
{
"name": "@mariuszbit",
"url": "https://twitter.com/mariuszbit"
}
],
"orgs": [],
"sponsors": [],
"pinned": [
{
"name": "Penetration-Testing-Tools",
"description": "A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.",
"language": ""
},
{
"name": "cobalt-arsenal",
"description": "My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+",
"language": ""
},
{
"name": "ThreadStackSpoofer",
"description": "Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.",
"language": ""
},
{
"name": "RedWarden",
"description": "Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation",
"language": ""
},
{
"name": "ShellcodeFluctuation",
"description": "An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents",
"language": ""
},
{
"name": "PackMyPayload",
"description": "A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX",
"language": ""
}
],
"pinnedHtml": [
"\n <div class=\"d-flex width-full position-relative\">\n <div class=\"flex-1\">\n <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-repo mr-1 color-fg-muted\">\n <path d=\"M2 2.5A2.5 2.5 0 0 1 4.5 0h8.75a.75.75 0 0 1 .75.75v12.5a.75.75 0 0 1-.75.75h-2.5a.75.75 0 0 1 0-1.5h1.75v-2h-8a1 1 0 0 0-.714 1.7.75.75 0 1 1-1.072 1.05A2.495 2.495 0 0 1 2 11.5Zm10.5-1h-8a1 1 0 0 0-1 1v6.708A2.486 2.486 0 0 1 4.5 9h8ZM5 12.25a.25.25 0 0 1 .25-.25h3.5a.25.25 0 0 1 .25.25v3.25a.25.25 0 0 1-.4.2l-1.45-1.087a.249.249 0 0 0-.3 0L5.4 15.7a.25.25 0 0 1-.4-.2Z\"></path>\n</svg>\n <span data-view-component=\"true\" class=\"position-relative\"><a data-hydro-click=\"{"event_type":"user_profile.click","payload":{"profile_user_id":654344,"target":"PINNED_REPO","user_id":null,"originating_url":"https://github.com/mgeeky"}}\" data-hydro-click-hmac=\"1306c64f4222a717251a3b4998241a071302a75e1f2bb946b62d439f6411b7fd\" id=\"120032811\" href=\"/mgeeky/Penetration-Testing-Tools\" data-view-component=\"true\" class=\"Link mr-1 text-bold wb-break-word\">\n<span class=\"repo\">Penetration-Testing-Tools</span>\n</a><tool-tip id=\"tooltip-ea42b1e3-5019-42c2-8ec1-3e7e3edd2db5\" for=\"120032811\" popover=\"manual\" data-direction=\"s\" data-type=\"label\" data-view-component=\"true\" class=\"sr-only position-absolute\">Penetration-Testing-Tools</tool-tip></span> <span></span><span class=\"Label Label--secondary v-align-middle mt-1 no-wrap v-align-baseline Label--inline\">Public</span>\n </div>\n </div>\n\n\n <p class=\"pinned-item-desc color-fg-muted text-small mt-2 mb-0\">\n A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.\n </p>\n\n <p class=\"mb-0 mt-2 f6 color-fg-muted\">\n <span class=\"d-inline-block mr-3\">\n <span class=\"repo-language-color\" style=\"background-color: #012456\"></span>\n <span itemprop=\"programmingLanguage\">PowerShell</span>\n</span>\n\n <a href=\"/mgeeky/Penetration-Testing-Tools/stargazers\" class=\"pinned-item-meta Link--muted\">\n <svg aria-label=\"stars\" role=\"img\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-star\">\n <path d=\"M8 .25a.75.75 0 0 1 .673.418l1.882 3.815 4.21.612a.75.75 0 0 1 .416 1.279l-3.046 2.97.719 4.192a.751.751 0 0 1-1.088.791L8 12.347l-3.766 1.98a.75.75 0 0 1-1.088-.79l.72-4.194L.818 6.374a.75.75 0 0 1 .416-1.28l4.21-.611L7.327.668A.75.75 0 0 1 8 .25Zm0 2.445L6.615 5.5a.75.75 0 0 1-.564.41l-3.097.45 2.24 2.184a.75.75 0 0 1 .216.664l-.528 3.084 2.769-1.456a.75.75 0 0 1 .698 0l2.77 1.456-.53-3.084a.75.75 0 0 1 .216-.664l2.24-2.183-3.096-.45a.75.75 0 0 1-.564-.41L8 2.694Z\"></path>\n</svg>\n 2.5k\n </a>\n <a href=\"/mgeeky/Penetration-Testing-Tools/forks\" class=\"pinned-item-meta Link--muted\">\n <svg aria-label=\"forks\" role=\"img\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-repo-forked\">\n <path d=\"M5 5.372v.878c0 .414.336.75.75.75h4.5a.75.75 0 0 0 .75-.75v-.878a2.25 2.25 0 1 1 1.5 0v.878a2.25 2.25 0 0 1-2.25 2.25h-1.5v2.128a2.251 2.251 0 1 1-1.5 0V8.5h-1.5A2.25 2.25 0 0 1 3.5 6.25v-.878a2.25 2.25 0 1 1 1.5 0ZM5 3.25a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Zm6.75.75a.75.75 0 1 0 0-1.5.75.75 0 0 0 0 1.5Zm-3 8.75a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Z\"></path>\n</svg>\n 496\n </a>\n </p>\n ",
"\n <div class=\"d-flex width-full position-relative\">\n <div class=\"flex-1\">\n <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-repo mr-1 color-fg-muted\">\n <path d=\"M2 2.5A2.5 2.5 0 0 1 4.5 0h8.75a.75.75 0 0 1 .75.75v12.5a.75.75 0 0 1-.75.75h-2.5a.75.75 0 0 1 0-1.5h1.75v-2h-8a1 1 0 0 0-.714 1.7.75.75 0 1 1-1.072 1.05A2.495 2.495 0 0 1 2 11.5Zm10.5-1h-8a1 1 0 0 0-1 1v6.708A2.486 2.486 0 0 1 4.5 9h8ZM5 12.25a.25.25 0 0 1 .25-.25h3.5a.25.25 0 0 1 .25.25v3.25a.25.25 0 0 1-.4.2l-1.45-1.087a.249.249 0 0 0-.3 0L5.4 15.7a.25.25 0 0 1-.4-.2Z\"></path>\n</svg>\n <span data-view-component=\"true\" class=\"position-relative\"><a data-hydro-click=\"{"event_type":"user_profile.click","payload":{"profile_user_id":654344,"target":"PINNED_REPO","user_id":null,"originating_url":"https://github.com/mgeeky"}}\" data-hydro-click-hmac=\"1306c64f4222a717251a3b4998241a071302a75e1f2bb946b62d439f6411b7fd\" id=\"254381646\" href=\"/mgeeky/cobalt-arsenal\" data-view-component=\"true\" class=\"Link mr-1 text-bold wb-break-word\">\n<span class=\"repo\">cobalt-arsenal</span>\n</a><tool-tip id=\"tooltip-1cc8f199-c22b-4f56-93d4-ac31656f5909\" for=\"254381646\" popover=\"manual\" data-direction=\"s\" data-type=\"label\" data-view-component=\"true\" class=\"sr-only position-absolute\">cobalt-arsenal</tool-tip></span> <span></span><span class=\"Label Label--secondary v-align-middle mt-1 no-wrap v-align-baseline Label--inline\">Public</span>\n </div>\n </div>\n\n\n <p class=\"pinned-item-desc color-fg-muted text-small mt-2 mb-0\">\n My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+\n </p>\n\n <p class=\"mb-0 mt-2 f6 color-fg-muted\">\n <span class=\"d-inline-block mr-3\">\n <span class=\"repo-language-color\" style=\"background-color: #012456\"></span>\n <span itemprop=\"programmingLanguage\">PowerShell</span>\n</span>\n\n <a href=\"/mgeeky/cobalt-arsenal/stargazers\" class=\"pinned-item-meta Link--muted\">\n <svg aria-label=\"stars\" role=\"img\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-star\">\n <path d=\"M8 .25a.75.75 0 0 1 .673.418l1.882 3.815 4.21.612a.75.75 0 0 1 .416 1.279l-3.046 2.97.719 4.192a.751.751 0 0 1-1.088.791L8 12.347l-3.766 1.98a.75.75 0 0 1-1.088-.79l.72-4.194L.818 6.374a.75.75 0 0 1 .416-1.28l4.21-.611L7.327.668A.75.75 0 0 1 8 .25Zm0 2.445L6.615 5.5a.75.75 0 0 1-.564.41l-3.097.45 2.24 2.184a.75.75 0 0 1 .216.664l-.528 3.084 2.769-1.456a.75.75 0 0 1 .698 0l2.77 1.456-.53-3.084a.75.75 0 0 1 .216-.664l2.24-2.183-3.096-.45a.75.75 0 0 1-.564-.41L8 2.694Z\"></path>\n</svg>\n 1k\n </a>\n <a href=\"/mgeeky/cobalt-arsenal/forks\" class=\"pinned-item-meta Link--muted\">\n <svg aria-label=\"forks\" role=\"img\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-repo-forked\">\n <path d=\"M5 5.372v.878c0 .414.336.75.75.75h4.5a.75.75 0 0 0 .75-.75v-.878a2.25 2.25 0 1 1 1.5 0v.878a2.25 2.25 0 0 1-2.25 2.25h-1.5v2.128a2.251 2.251 0 1 1-1.5 0V8.5h-1.5A2.25 2.25 0 0 1 3.5 6.25v-.878a2.25 2.25 0 1 1 1.5 0ZM5 3.25a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Zm6.75.75a.75.75 0 1 0 0-1.5.75.75 0 0 0 0 1.5Zm-3 8.75a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Z\"></path>\n</svg>\n 149\n </a>\n </p>\n ",
"\n <div class=\"d-flex width-full position-relative\">\n <div class=\"flex-1\">\n <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-repo mr-1 color-fg-muted\">\n <path d=\"M2 2.5A2.5 2.5 0 0 1 4.5 0h8.75a.75.75 0 0 1 .75.75v12.5a.75.75 0 0 1-.75.75h-2.5a.75.75 0 0 1 0-1.5h1.75v-2h-8a1 1 0 0 0-.714 1.7.75.75 0 1 1-1.072 1.05A2.495 2.495 0 0 1 2 11.5Zm10.5-1h-8a1 1 0 0 0-1 1v6.708A2.486 2.486 0 0 1 4.5 9h8ZM5 12.25a.25.25 0 0 1 .25-.25h3.5a.25.25 0 0 1 .25.25v3.25a.25.25 0 0 1-.4.2l-1.45-1.087a.249.249 0 0 0-.3 0L5.4 15.7a.25.25 0 0 1-.4-.2Z\"></path>\n</svg>\n <span data-view-component=\"true\" class=\"position-relative\"><a data-hydro-click=\"{"event_type":"user_profile.click","payload":{"profile_user_id":654344,"target":"PINNED_REPO","user_id":null,"originating_url":"https://github.com/mgeeky"}}\" data-hydro-click-hmac=\"1306c64f4222a717251a3b4998241a071302a75e1f2bb946b62d439f6411b7fd\" id=\"410679652\" href=\"/mgeeky/ThreadStackSpoofer\" data-view-component=\"true\" class=\"Link mr-1 text-bold wb-break-word\">\n<span class=\"repo\">ThreadStackSpoofer</span>\n</a><tool-tip id=\"tooltip-4b49d7b2-b0d6-4291-8bd7-ff316c1064ff\" for=\"410679652\" popover=\"manual\" data-direction=\"s\" data-type=\"label\" data-view-component=\"true\" class=\"sr-only position-absolute\">ThreadStackSpoofer</tool-tip></span> <span></span><span class=\"Label Label--secondary v-align-middle mt-1 no-wrap v-align-baseline Label--inline\">Public</span>\n </div>\n </div>\n\n\n <p class=\"pinned-item-desc color-fg-muted text-small mt-2 mb-0\">\n Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.\n </p>\n\n <p class=\"mb-0 mt-2 f6 color-fg-muted\">\n <span class=\"d-inline-block mr-3\">\n <span class=\"repo-language-color\" style=\"background-color: #f34b7d\"></span>\n <span itemprop=\"programmingLanguage\">C++</span>\n</span>\n\n <a href=\"/mgeeky/ThreadStackSpoofer/stargazers\" class=\"pinned-item-meta Link--muted\">\n <svg aria-label=\"stars\" role=\"img\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-star\">\n <path d=\"M8 .25a.75.75 0 0 1 .673.418l1.882 3.815 4.21.612a.75.75 0 0 1 .416 1.279l-3.046 2.97.719 4.192a.751.751 0 0 1-1.088.791L8 12.347l-3.766 1.98a.75.75 0 0 1-1.088-.79l.72-4.194L.818 6.374a.75.75 0 0 1 .416-1.28l4.21-.611L7.327.668A.75.75 0 0 1 8 .25Zm0 2.445L6.615 5.5a.75.75 0 0 1-.564.41l-3.097.45 2.24 2.184a.75.75 0 0 1 .216.664l-.528 3.084 2.769-1.456a.75.75 0 0 1 .698 0l2.77 1.456-.53-3.084a.75.75 0 0 1 .216-.664l2.24-2.183-3.096-.45a.75.75 0 0 1-.564-.41L8 2.694Z\"></path>\n</svg>\n 1k\n </a>\n <a href=\"/mgeeky/ThreadStackSpoofer/forks\" class=\"pinned-item-meta Link--muted\">\n <svg aria-label=\"forks\" role=\"img\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-repo-forked\">\n <path d=\"M5 5.372v.878c0 .414.336.75.75.75h4.5a.75.75 0 0 0 .75-.75v-.878a2.25 2.25 0 1 1 1.5 0v.878a2.25 2.25 0 0 1-2.25 2.25h-1.5v2.128a2.251 2.251 0 1 1-1.5 0V8.5h-1.5A2.25 2.25 0 0 1 3.5 6.25v-.878a2.25 2.25 0 1 1 1.5 0ZM5 3.25a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Zm6.75.75a.75.75 0 1 0 0-1.5.75.75 0 0 0 0 1.5Zm-3 8.75a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Z\"></path>\n</svg>\n 172\n </a>\n </p>\n ",
"\n <div class=\"d-flex width-full position-relative\">\n <div class=\"flex-1\">\n <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-repo mr-1 color-fg-muted\">\n <path d=\"M2 2.5A2.5 2.5 0 0 1 4.5 0h8.75a.75.75 0 0 1 .75.75v12.5a.75.75 0 0 1-.75.75h-2.5a.75.75 0 0 1 0-1.5h1.75v-2h-8a1 1 0 0 0-.714 1.7.75.75 0 1 1-1.072 1.05A2.495 2.495 0 0 1 2 11.5Zm10.5-1h-8a1 1 0 0 0-1 1v6.708A2.486 2.486 0 0 1 4.5 9h8ZM5 12.25a.25.25 0 0 1 .25-.25h3.5a.25.25 0 0 1 .25.25v3.25a.25.25 0 0 1-.4.2l-1.45-1.087a.249.249 0 0 0-.3 0L5.4 15.7a.25.25 0 0 1-.4-.2Z\"></path>\n</svg>\n <span data-view-component=\"true\" class=\"position-relative\"><a data-hydro-click=\"{"event_type":"user_profile.click","payload":{"profile_user_id":654344,"target":"PINNED_REPO","user_id":null,"originating_url":"https://github.com/mgeeky"}}\" data-hydro-click-hmac=\"1306c64f4222a717251a3b4998241a071302a75e1f2bb946b62d439f6411b7fd\" id=\"367738046\" href=\"/mgeeky/RedWarden\" data-view-component=\"true\" class=\"Link mr-1 text-bold wb-break-word\">\n<span class=\"repo\">RedWarden</span>\n</a><tool-tip id=\"tooltip-924c1d43-6bd2-432f-a08a-c198d86fe3f0\" for=\"367738046\" popover=\"manual\" data-direction=\"s\" data-type=\"label\" data-view-component=\"true\" class=\"sr-only position-absolute\">RedWarden</tool-tip></span> <span></span><span class=\"Label Label--secondary v-align-middle mt-1 no-wrap v-align-baseline Label--inline\">Public</span>\n </div>\n </div>\n\n\n <p class=\"pinned-item-desc color-fg-muted text-small mt-2 mb-0\">\n Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation\n </p>\n\n <p class=\"mb-0 mt-2 f6 color-fg-muted\">\n <span class=\"d-inline-block mr-3\">\n <span class=\"repo-language-color\" style=\"background-color: #3572A5\"></span>\n <span itemprop=\"programmingLanguage\">Python</span>\n</span>\n\n <a href=\"/mgeeky/RedWarden/stargazers\" class=\"pinned-item-meta Link--muted\">\n <svg aria-label=\"stars\" role=\"img\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-star\">\n <path d=\"M8 .25a.75.75 0 0 1 .673.418l1.882 3.815 4.21.612a.75.75 0 0 1 .416 1.279l-3.046 2.97.719 4.192a.751.751 0 0 1-1.088.791L8 12.347l-3.766 1.98a.75.75 0 0 1-1.088-.79l.72-4.194L.818 6.374a.75.75 0 0 1 .416-1.28l4.21-.611L7.327.668A.75.75 0 0 1 8 .25Zm0 2.445L6.615 5.5a.75.75 0 0 1-.564.41l-3.097.45 2.24 2.184a.75.75 0 0 1 .216.664l-.528 3.084 2.769-1.456a.75.75 0 0 1 .698 0l2.77 1.456-.53-3.084a.75.75 0 0 1 .216-.664l2.24-2.183-3.096-.45a.75.75 0 0 1-.564-.41L8 2.694Z\"></path>\n</svg>\n 910\n </a>\n <a href=\"/mgeeky/RedWarden/forks\" class=\"pinned-item-meta Link--muted\">\n <svg aria-label=\"forks\" role=\"img\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-repo-forked\">\n <path d=\"M5 5.372v.878c0 .414.336.75.75.75h4.5a.75.75 0 0 0 .75-.75v-.878a2.25 2.25 0 1 1 1.5 0v.878a2.25 2.25 0 0 1-2.25 2.25h-1.5v2.128a2.251 2.251 0 1 1-1.5 0V8.5h-1.5A2.25 2.25 0 0 1 3.5 6.25v-.878a2.25 2.25 0 1 1 1.5 0ZM5 3.25a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Zm6.75.75a.75.75 0 1 0 0-1.5.75.75 0 0 0 0 1.5Zm-3 8.75a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Z\"></path>\n</svg>\n 138\n </a>\n </p>\n ",
"\n <div class=\"d-flex width-full position-relative\">\n <div class=\"flex-1\">\n <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-repo mr-1 color-fg-muted\">\n <path d=\"M2 2.5A2.5 2.5 0 0 1 4.5 0h8.75a.75.75 0 0 1 .75.75v12.5a.75.75 0 0 1-.75.75h-2.5a.75.75 0 0 1 0-1.5h1.75v-2h-8a1 1 0 0 0-.714 1.7.75.75 0 1 1-1.072 1.05A2.495 2.495 0 0 1 2 11.5Zm10.5-1h-8a1 1 0 0 0-1 1v6.708A2.486 2.486 0 0 1 4.5 9h8ZM5 12.25a.25.25 0 0 1 .25-.25h3.5a.25.25 0 0 1 .25.25v3.25a.25.25 0 0 1-.4.2l-1.45-1.087a.249.249 0 0 0-.3 0L5.4 15.7a.25.25 0 0 1-.4-.2Z\"></path>\n</svg>\n <span data-view-component=\"true\" class=\"position-relative\"><a data-hydro-click=\"{"event_type":"user_profile.click","payload":{"profile_user_id":654344,"target":"PINNED_REPO","user_id":null,"originating_url":"https://github.com/mgeeky"}}\" data-hydro-click-hmac=\"1306c64f4222a717251a3b4998241a071302a75e1f2bb946b62d439f6411b7fd\" id=\"411628041\" href=\"/mgeeky/ShellcodeFluctuation\" data-view-component=\"true\" class=\"Link mr-1 text-bold wb-break-word\">\n<span class=\"repo\">ShellcodeFluctuation</span>\n</a><tool-tip id=\"tooltip-8207d251-021c-468f-9a93-0fea728efeef\" for=\"411628041\" popover=\"manual\" data-direction=\"s\" data-type=\"label\" data-view-component=\"true\" class=\"sr-only position-absolute\">ShellcodeFluctuation</tool-tip></span> <span></span><span class=\"Label Label--secondary v-align-middle mt-1 no-wrap v-align-baseline Label--inline\">Public</span>\n </div>\n </div>\n\n\n <p class=\"pinned-item-desc color-fg-muted text-small mt-2 mb-0\">\n An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents\n </p>\n\n <p class=\"mb-0 mt-2 f6 color-fg-muted\">\n <span class=\"d-inline-block mr-3\">\n <span class=\"repo-language-color\" style=\"background-color: #f34b7d\"></span>\n <span itemprop=\"programmingLanguage\">C++</span>\n</span>\n\n <a href=\"/mgeeky/ShellcodeFluctuation/stargazers\" class=\"pinned-item-meta Link--muted\">\n <svg aria-label=\"stars\" role=\"img\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-star\">\n <path d=\"M8 .25a.75.75 0 0 1 .673.418l1.882 3.815 4.21.612a.75.75 0 0 1 .416 1.279l-3.046 2.97.719 4.192a.751.751 0 0 1-1.088.791L8 12.347l-3.766 1.98a.75.75 0 0 1-1.088-.79l.72-4.194L.818 6.374a.75.75 0 0 1 .416-1.28l4.21-.611L7.327.668A.75.75 0 0 1 8 .25Zm0 2.445L6.615 5.5a.75.75 0 0 1-.564.41l-3.097.45 2.24 2.184a.75.75 0 0 1 .216.664l-.528 3.084 2.769-1.456a.75.75 0 0 1 .698 0l2.77 1.456-.53-3.084a.75.75 0 0 1 .216-.664l2.24-2.183-3.096-.45a.75.75 0 0 1-.564-.41L8 2.694Z\"></path>\n</svg>\n 911\n </a>\n <a href=\"/mgeeky/ShellcodeFluctuation/forks\" class=\"pinned-item-meta Link--muted\">\n <svg aria-label=\"forks\" role=\"img\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-repo-forked\">\n <path d=\"M5 5.372v.878c0 .414.336.75.75.75h4.5a.75.75 0 0 0 .75-.75v-.878a2.25 2.25 0 1 1 1.5 0v.878a2.25 2.25 0 0 1-2.25 2.25h-1.5v2.128a2.251 2.251 0 1 1-1.5 0V8.5h-1.5A2.25 2.25 0 0 1 3.5 6.25v-.878a2.25 2.25 0 1 1 1.5 0ZM5 3.25a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Zm6.75.75a.75.75 0 1 0 0-1.5.75.75 0 0 0 0 1.5Zm-3 8.75a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Z\"></path>\n</svg>\n 150\n </a>\n </p>\n ",
"\n <div class=\"d-flex width-full position-relative\">\n <div class=\"flex-1\">\n <svg aria-hidden=\"true\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-repo mr-1 color-fg-muted\">\n <path d=\"M2 2.5A2.5 2.5 0 0 1 4.5 0h8.75a.75.75 0 0 1 .75.75v12.5a.75.75 0 0 1-.75.75h-2.5a.75.75 0 0 1 0-1.5h1.75v-2h-8a1 1 0 0 0-.714 1.7.75.75 0 1 1-1.072 1.05A2.495 2.495 0 0 1 2 11.5Zm10.5-1h-8a1 1 0 0 0-1 1v6.708A2.486 2.486 0 0 1 4.5 9h8ZM5 12.25a.25.25 0 0 1 .25-.25h3.5a.25.25 0 0 1 .25.25v3.25a.25.25 0 0 1-.4.2l-1.45-1.087a.249.249 0 0 0-.3 0L5.4 15.7a.25.25 0 0 1-.4-.2Z\"></path>\n</svg>\n <span data-view-component=\"true\" class=\"position-relative\"><a data-hydro-click=\"{"event_type":"user_profile.click","payload":{"profile_user_id":654344,"target":"PINNED_REPO","user_id":null,"originating_url":"https://github.com/mgeeky"}}\" data-hydro-click-hmac=\"1306c64f4222a717251a3b4998241a071302a75e1f2bb946b62d439f6411b7fd\" id=\"457073969\" href=\"/mgeeky/PackMyPayload\" data-view-component=\"true\" class=\"Link mr-1 text-bold wb-break-word\">\n<span class=\"repo\">PackMyPayload</span>\n</a><tool-tip id=\"tooltip-39244df5-414c-49f4-b6b1-d26b82c16b1a\" for=\"457073969\" popover=\"manual\" data-direction=\"s\" data-type=\"label\" data-view-component=\"true\" class=\"sr-only position-absolute\">PackMyPayload</tool-tip></span> <span></span><span class=\"Label Label--secondary v-align-middle mt-1 no-wrap v-align-baseline Label--inline\">Public</span>\n </div>\n </div>\n\n\n <p class=\"pinned-item-desc color-fg-muted text-small mt-2 mb-0\">\n A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX\n </p>\n\n <p class=\"mb-0 mt-2 f6 color-fg-muted\">\n <span class=\"d-inline-block mr-3\">\n <span class=\"repo-language-color\" style=\"background-color: #3572A5\"></span>\n <span itemprop=\"programmingLanguage\">Python</span>\n</span>\n\n <a href=\"/mgeeky/PackMyPayload/stargazers\" class=\"pinned-item-meta Link--muted\">\n <svg aria-label=\"stars\" role=\"img\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-star\">\n <path d=\"M8 .25a.75.75 0 0 1 .673.418l1.882 3.815 4.21.612a.75.75 0 0 1 .416 1.279l-3.046 2.97.719 4.192a.751.751 0 0 1-1.088.791L8 12.347l-3.766 1.98a.75.75 0 0 1-1.088-.79l.72-4.194L.818 6.374a.75.75 0 0 1 .416-1.28l4.21-.611L7.327.668A.75.75 0 0 1 8 .25Zm0 2.445L6.615 5.5a.75.75 0 0 1-.564.41l-3.097.45 2.24 2.184a.75.75 0 0 1 .216.664l-.528 3.084 2.769-1.456a.75.75 0 0 1 .698 0l2.77 1.456-.53-3.084a.75.75 0 0 1 .216-.664l2.24-2.183-3.096-.45a.75.75 0 0 1-.564-.41L8 2.694Z\"></path>\n</svg>\n 843\n </a>\n <a href=\"/mgeeky/PackMyPayload/forks\" class=\"pinned-item-meta Link--muted\">\n <svg aria-label=\"forks\" role=\"img\" height=\"16\" viewBox=\"0 0 16 16\" version=\"1.1\" width=\"16\" data-view-component=\"true\" class=\"octicon octicon-repo-forked\">\n <path d=\"M5 5.372v.878c0 .414.336.75.75.75h4.5a.75.75 0 0 0 .75-.75v-.878a2.25 2.25 0 1 1 1.5 0v.878a2.25 2.25 0 0 1-2.25 2.25h-1.5v2.128a2.251 2.251 0 1 1-1.5 0V8.5h-1.5A2.25 2.25 0 0 1 3.5 6.25v-.878a2.25 2.25 0 1 1 1.5 0ZM5 3.25a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Zm6.75.75a.75.75 0 1 0 0-1.5.75.75 0 0 0 0 1.5Zm-3 8.75a.75.75 0 1 0-1.5 0 .75.75 0 0 0 1.5 0Z\"></path>\n</svg>\n 134\n </a>\n </p>\n "
]
}
{
"accept-ranges": "bytes",
"cache-control": "max-age=0, private, must-revalidate",
"content-encoding": "gzip",
"content-security-policy": "default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions copilot-proxy.githubusercontent.com/v1/engines/copilot-ppe-centralus-4o-mini/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/copilot-ppe-centralus-4o-mini/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/",
"content-type": "text/html; charset=utf-8",
"date": "Mon, 16 Sep 2024 20:10:04 GMT",
"etag": "537a79d65574d89c771540ca538a613d",
"referrer-policy": "origin-when-cross-origin, strict-origin-when-cross-origin",
"server": "GitHub.com",
"set-cookie": "logged_in=no; Path=/; Domain=github.com; Expires=Tue, 16 Sep 2025 20:10:03 GMT; HttpOnly; Secure; SameSite=Lax",
"strict-transport-security": "max-age=31536000; includeSubdomains; preload",
"transfer-encoding": "chunked",
"vary": "X-Requested-With, X-PJAX-Container, Turbo-Frame, Turbo-Visit, Accept-Encoding, Accept, X-Requested-With",
"x-content-type-options": "nosniff",
"x-frame-options": "deny",
"x-github-request-id": "D12C:3659E1:5008A0:6D8793:66E89099",
"x-xss-protection": "0"
}