Add: hackerhouse-opensource/SignToolEx to Defense Evasion section

.github/workflows/awesome.yml

@@ -14,4 +14,4 @@ jobs:
     - name: Build and test with awesome_bot
       run: |
         gem install awesome_bot
-        awesome_bot README.md --white-list LICENSE,emailrep.io,dnsdumpster.com,"github.com/pe3zx/my-infosec-awesome/actions","tuts4you.com/download.php?list.17","ethtx.info",'osint.sh','start.me' --allow-ssl --allow-redirect --allow 429
+        awesome_bot README.md --white-list LICENSE,emailrep.io,dnsdumpster.com,"github.com/pe3zx/my-infosec-awesome/actions","tuts4you.com/download.php?list.17","ethtx.info",'osint.sh','start.me' --allow-ssl --allow-redirect --allow 429,403

Offensive.md

@@ -506,6 +506,10 @@ Some tools can be categorized in more than one category. But because the current
         <td><a href="https://github.com/hasherezade/masm_shc">hasherezade/masm_shc</a></td>
         <td>A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/Idov31/Nidhogg">Idov31/Nidhogg</a></td>
+        <td>Nidhogg is an all-in-one simple to use rootkit for red teams.</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/JamesCooteUK/SharpSphere">JamesCooteUK/SharpSphere</a></td>
         <td>.NET Project for Attacking vCenter</td>
@@ -1492,6 +1496,10 @@ Some tools can be categorized in more than one category. But because the current
         <td><a href="https://github.com/GoodstudyChina/APC-injection-x86-x64">GoodstudyChina/APC-injection-x86-x64</a></td>
         <td>injdrv is a proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC.</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/hackerhouse-opensource/SignToolEx">hackerhouse-opensource/SignToolEx</a></td>
+        <td>Patching "signtool.exe" to accept expired certificates for code-signing.</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/HackOvert/AntiDBG">HackOvert/AntiDBG</a></td>
         <td>A bunch of Windows anti-debugging tricks for x86 and x64.</td>

README.md

@@ -205,10 +205,6 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://github.com/ScarredMonk/SysmonSimulator">ScarredMonk/SysmonSimulator</a></td>
         <td>Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.</td>
     </tr>
-    <tr>
-        <td><a href="https://github.com/scythe-io/community-threats">scythe-io/community-threats</a></td>
-        <td>The GitHub of Adversary Emulation Plans in JSON. Share SCYTHE threats with the community. #ThreatThursday adversary emulation plans are shared here.</td>
-    </tr>
     <tr>
         <td><a href="https://github.com/SecurityRiskAdvisors/VECTR">SecurityRiskAdvisors/VECTR</a></td>
         <td>VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios</td>
@@ -543,10 +539,6 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://github.com/s0md3v/XSStrike">s0md3v/XSStrike</a></td>
         <td>Most advanced XSS detection suite</td>
     </tr>
-    <tr>
-        <td><a href="https://github.com/salesforce/DazedAndConfused">salesforce/DazedAndConfused</a></td>
-        <td>DazedAndConfused is a tool to help determine dependency confusion exposure.</td>
-    </tr>
     <tr>
         <td><a href="https://github.com/Screetsec/Sudomy">Screetsec/Sudomy</a></td>
         <td>Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting</td>
@@ -848,10 +840,6 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://github.com/loov/lensm">loov/lensm</a></td>
         <td>Go assembly and source viewer</td>
     </tr>
-    <tr>
-        <td><a href="https://maat.re/index.html">Maat</a></td>
-        <td>Maat is an open-source symbolic execution framework that can be used for binary analysis, reverse-engineering, and vulnerability research.</td>
-    </tr>
     <tr>
         <td><a href="https://github.com/mandiant/dncil">mandiant/dncli</a></td>
         <td>The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.</td>
@@ -1877,6 +1865,10 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://github.com/nannib/Imm2Virtual">nannib/Imm2Virtual</a></td>
         <td>This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD(Raw), AFF disk image file without converting it, directly with VirtualBox, forensically proof.</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/Neo23x0/god-mode-rules">Neo23x0/god-mode-rules</a></td>
+        <td>God Mode Detection Rules</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/Netflix/dispatch">Netflix/dispatch</a></td>
         <td>All of the ad-hoc things you're doing to manage incidents today, done for you, and much more!</td>
@@ -2337,10 +2329,6 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://github.com/alexandreborges/malwoverview">alexandreborges/malwoverview</a></td>
         <td>Malwoverview.py is a simple tool to perform an initial and quick triage on either a directory containing malware samples or a specific malware sample</td>
     </tr>
-    <tr>
-        <td><a href="https://androscope.fortinet-cse.com/">Androscope</a></td>
-        <td>the Android Malware Microscope</td>
-    </tr>
     <tr>
         <td><a href="https://cse.google.com/cse/publicurl?cx=003248445720253387346:turlh5vi4xc">APT Groups, Operations and Malware Search Engine</td>
         <td>APT Groups, Operations and Malware Search Engine</td>
@@ -2634,10 +2622,6 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://marcoramilli.com/malware/">Malware Static Analysis</a></td>
         <td>The following interface stands in front of a live engine which takes binary files and runs them against a pletora of hundreds YARA rules.</td>
     </tr>
-    <tr>
-        <td><a href="https://github.com/marcoramilli/PhishingKitTracker">marcoramilli/PhishingKitTracker</a></td>
-        <td>An extensible and freshly updated collection of phishingkits for forensics and future analysis topped with simple stats</td>
-    </tr>
     <tr>
         <td><a href="https://github.com/matterpreter/DefenderCheck">matterpreter/DefenderCheck</a></td>
         <td>Identifies the bytes that Microsoft Defender flags on.</td>
@@ -3076,10 +3060,6 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://github.com/nesfit/NetfoxDetective/">nesfit/NetfoxDetective</a></td>
         <td>NFX Detective is a novel Network forensic analysis tool that implements methods for extraction of application content from communication using supported protocols.</td>
     </tr>
-    <tr>
-        <td><a href="https://scan.netlab.360.com">NetworkScan Mon</a></td>
-        <td>NetworkScan Monitor by Netlab 360</td>
-    </tr>
     <tr>
         <td><a href="https://github.com/odedshimon/BruteShark">odedshimon/BruteShark</a></td>
         <td>BruteShark is a Network Forensic Analysis Tool (NFAT) that performs deep processing and inspection of network traffic (mainly PCAP files)</td>