{"payload":{"pageCount":1,"repositories":[{"type":"Public","name":"FastBTCParser","owner":"nccgroup","isFork":false,"description":"A somewhat fast bitcoin blockchain parser to extract stats and ordinals files","topicNames":["bitcoin","blockchain","ordinals","locking-scripts"],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":0,"starsCount":5,"forksCount":2,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-06-08T14:56:14.062Z"}},{"type":"Public","name":"SocksOverRDP","owner":"nccgroup","isFork":false,"description":"Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop","topicNames":[],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":0,"starsCount":1016,"forksCount":168,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-11-02T18:34:42.566Z"}},{"type":"Public","name":"mimikatz-detector-condrv","owner":"nccgroup","isFork":false,"description":"The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that are sent to or from the ConDrv. 
ConDrv is a device created by condrv.sys, which handles the traffic between the Console Application (cmd/powershell/etc) and the actual console (conhost.exe).","topicNames":[],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":0,"starsCount":33,"forksCount":4,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-09-06T13:07:06.801Z"}},{"type":"Public","name":"DetectWindowsCopyOnWriteForAPI","owner":"nccgroup","isFork":false,"description":"Enumerate various traits from Windows processes as an aid to threat hunting","topicNames":[],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":1,"starsCount":177,"forksCount":30,"license":"GNU Affero General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-01-13T06:20:09.399Z"}},{"type":"Public","name":"TPMGenie","owner":"nccgroup","isFork":false,"description":"TPM Genie is an I2C bus interposer for discrete Trusted Platform Modules","topicNames":["raspberry-pi","security","arduino","teensy","hardware","tpm","trusted-platform-module","interposer"],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":4,"starsCount":205,"forksCount":23,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2021-01-04T15:49:11.507Z"}},{"type":"Public","name":"ICPin","owner":"nccgroup","isFork":false,"description":"An Integrity-Check Monitoring Pintool","topicNames":[],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":1,"starsCount":54,"forksCount":10,"license":"GNU General Public License v2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2020-11-02T20:54:44.724Z"}},{"type":"Public","name":"WindowsMemPageDelta","owner":"nccgroup","isFork":false,"description":"A Microsoft Windows service to provide 
telemetry on Windows executable memory page changes to facilitate threat detection","topicNames":[],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":1,"starsCount":28,"forksCount":5,"license":"GNU Affero General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2020-10-07T06:53:35.016Z"}},{"type":"Public","name":"BLEBoy","owner":"nccgroup","isFork":false,"description":"BLEBoy is a training tool to teach users about BLE security by providing a single BLE peripheral that can be used to experiment with each BLE pairing method and demonstrates GATT security concepts.","topicNames":[],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":2,"issueCount":1,"starsCount":37,"forksCount":6,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2019-10-25T22:14:04.491Z"}},{"type":"Public","name":"DIBF","owner":"nccgroup","isFork":false,"description":"Windows NT ioctl bruteforcer and modular fuzzer","topicNames":[],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":1,"starsCount":116,"forksCount":30,"license":"GNU General Public License v2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2019-01-15T00:47:57.311Z"}},{"type":"Public","name":"psr","owner":"nccgroup","isFork":false,"description":"Pointer Sequence Reverser - enables you to see how a Windows C++ application is accessing a particular data member or object.","topicNames":[],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":0,"starsCount":65,"forksCount":8,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2017-12-18T03:55:46.513Z"}},{"type":"Public","name":"pip3line","owner":"nccgroup","isFork":false,"description":"The Swiss army knife of byte 
manipulation","topicNames":[],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":0,"starsCount":43,"forksCount":8,"license":"GNU Affero General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2016-10-09T21:24:06.095Z"}},{"type":"Public","name":"WindowsDACLEnumProject","owner":"nccgroup","isFork":false,"description":"A collection of tools to enumerate and analyse Windows DACLs","topicNames":[],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":2,"starsCount":107,"forksCount":45,"license":"GNU Affero General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2015-07-11T13:26:57.326Z"}},{"type":"Public","name":"WindowsPatchDetector","owner":"nccgroup","isFork":false,"description":"Experimental Windows .text section Patch Detector","topicNames":[],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":0,"starsCount":20,"forksCount":10,"license":"GNU Affero General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2015-01-26T08:15:48.382Z"}},{"type":"Public","name":"memgrep","owner":"nccgroup","isFork":false,"description":"Memory searching utilities","topicNames":[],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":1,"starsCount":43,"forksCount":15,"license":"GNU Affero General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2013-11-11T13:04:52.124Z"}},{"type":"Public","name":"firstexecution","owner":"nccgroup","isFork":false,"description":"Collection of different ways to execute code outside of the expected entry points","topicNames":[],"topicsNotShown":0,"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":0,"starsCount":16,"forksCount":11,"license":"GNU 
Affero General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2013-08-04T13:47:46.000Z"}}],"repositoryCount":15,"userInfo":null,"searchable":true,"definitions":[],"typeFilters":[{"id":"all","text":"All"},{"id":"public","text":"Public"},{"id":"source","text":"Sources"},{"id":"fork","text":"Forks"},{"id":"archived","text":"Archived"},{"id":"mirror","text":"Mirrors"},{"id":"template","text":"Templates"}],"compactMode":false},"title":"Repositories"}