My Projects

Here are some of my projects!

📚 Courses

Practical Malware Analysis & Triage teaches you the fundamentals of malware analysis for less than the cost of three bottles of water in Downtown Manhattan. Over 3500 students worldwide!

Check out the preview videos below:

Whoami & Course Overview

Learn the state of the art of practical malware analysis ant triage and stop the hackers in their tracks

academy.tcm-sec.com

BlueJupyter: Automating Triage with Jupyter Notebooks

All samples located in PMAT-labs/labs/5-1.Automation-BlueJupyter/FORTRIAGE.7z Note: For this section of the course, I am working on my Linux development workstation. This is outside of my lab environment. I confirmed that Blue-Jupyter functions as intended if you install it on REMnux, so feel free to carefully add REMnux back onto a NAT adapter and follow the install instructions for Blue-Jupyter.

academy.tcm-sec.com

BlueJupyter: Automating Triage with Jupyter Notebooks

Detonating Our First Sample

Learn the state of the art of practical malware analysis ant triage and stop the hackers in their tracks

academy.tcm-sec.com

Analyzing Word Maldocs: Remote Template Macro Injection

Learn the state of the art of practical malware analysis ant triage and stop the hackers in their tracks

academy.tcm-sec.com

Analyzing Word Maldocs: Remote Template Macro Injection

📜 My GitHub

I’m always up to something over on my GitHub page.

HuskyHacks - Overview

📕 Teaching 🖥️ Hacking 📕 🖥️ Teaching Hacking 🐈‍⬛ My cat Cosmo 📒 Learning stuff 🌎 Publishing open source 🦇 The Dracula Theme ⚔️ USMC (Intel, IT Admin) 🧪 MIT Lincoln Laboratory (Lead Cybersecurity Analyst, Space Systems and Technology Research Division 🛰️) 🏧 [REDACTED] Big Bank 💰 | 🔴 Red Team Operator & Exploit Developer 🌐 SimSpace | Principal Content Architect & Instructor 🏫 Northeastern University | 🅝🅔🅤 🎓 Rochester Institute of Technology | 🆁🅸🆃 Affordable, accessible cybersecurity training content for everyone.

github.com

🌴Notable Selections

🎯 OffensiveNotion: Notion (yes, the notetaking app) as a C2

GitHub - mttaggart/OffensiveNotion: Notion as a platform for offensive operations

Yes. What started as a meme grew into a full project. Just roll with it. Here's our blog post about it: We Put A C2 In Your Notetaking App: OffensiveNotion 📡 A full-featured C2 platform built on the Notion notetaking app.

github.com

GitHub - mttaggart/OffensiveNotion: Notion as a platform for offensive operations

🔬 PMAT-Labs

GitHub - HuskyHacks/PMAT-labs: Labs for Practical Malware Analysis & Triage

Welcome to the labs for Practical Malware Analysis & Triage. Read this carefully before proceeding. This repository contains live malware samples for use in the Practical Malware Analysis & Triage course (PMAT). These samples are either written to emulate common malware characteristics or are live, real world, "caught in the wild" samples.

github.com

GitHub - HuskyHacks/PMAT-labs: Labs for Practical Malware Analysis & Triage

🥷🏼ShadowSteal: Pure Nim POC for exploiting CVE-2021-36934

GitHub - HuskyHacks/ShadowSteal: Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation

Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM Local Privilege Escalation (LPE). Not OPSEC safe.... yet ;). I do not claim credit for the discovery of this exploit. Getting started with ShadowSteal is now easier than ever thanks to Docker! Don't wanna mess with installing Nim dependencies? I got you, fam!

github.com

GitHub - HuskyHacks/ShadowSteal: Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation

🧪 Research

👑 The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk - 1/25/22

GitHub - HuskyHacks/the-crown-defcon615: Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk

Repo for "The Crown: Exploratory Analysis of Nim Malware" DEF CON 615 talk This entire talk is a series of Jupyter Notebooks! Want to check it out but don't want to download and set everything up? Just click on and the Jupyter Notebook will render in your browser through the GitHub page.

github.com

GitHub - HuskyHacks/the-crown-defcon615: Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk

🐛 CVEs

CVE-2021-38699: Stored/Reflected XSS in TastyIgniter v3.0.7 Restaurtant CMS

GitHub - HuskyHacks/CVE-2021-38699-Reflected-XSS: Multiple Reflected XSS in TastyIgniter v3.0.7 Restaurtant CMS

Multiple Reflected XSS in TastyIgniter v3.0.7 Restaurtant CMS - GitHub - HuskyHacks/CVE-2021-38699-Reflected-XSS: Multiple Reflected XSS in TastyIgniter v3.0.7 Restaurtant CMS

github.com

GitHub - HuskyHacks/CVE-2021-38699-Reflected-XSS: Multiple Reflected XSS in TastyIgniter v3.0.7 Restaurtant CMS