Ecosyste.ms sponsors
An open API service aggregating public data about GitHub Sponsors.
🔓 Master of the virtual heist. Unlocks cyber doors while wearing a white hat. OSEP-certified ethical hacker, converting caffeine ☕ and curiosity 🤔 into code.
Funding Links: https://github.com/sponsors/fin3ss3g0d
Tier List
$5 a month - Earn a sponsorship badge on your profile.
$10 a month - Gain access to my private Sponsors repository
$10 one time - Get a shout out on Twitter (X)
$25 a month - Gain access to the DragonBot private repository
Hello, I'm Dylan Evans 👋
I'm a passionate cybersecurity professional, dedicated to continuous learning and mastery in the field 🎓. My certifications include:
Offensive Security Experienced Penetration Tester (OSEP)
Offensive Security Certified Professional (OSCP)
Certified Red Team Operator (CRTO) from Zero-Point Security
Certified Red Team Lead (CRTL) from Zero-Point Security
My journey in cybersecurity has led me to delve deep into advanced topics, and I've spearheaded complex research into social engineering tactics, including proxy-in-the-middle attacks 🎣.
In my project, EvilGophish, I developed phishlets capable of bypassing multi-factor authentication for big names like Microsoft, KnowBe4, and Cisco VPN portals. I've also introduced social engineering features that are unavailable anywhere else at the time of writing, including:
QR code phishing
SMS phishing
Malleability
In addition to my public contributions, I've ventured into private malware development 🦠, crafting solutions that successfully evade detection from leading EDR/XDRs such as CrowdStrike, Cybereason, Cylance, Microsoft Defender for Endpoint (MDE) and SentinelOne. By keeping this code closed-source 🔒, I've ensured its effectiveness in bypassing security solutions. I have experience writing malware in various languages such as C/C++, Assembly, C#, Go, Python, PowerShell and Nim. I have researched and implemented various evasive malware tactics including:
Process injection
Process hollowing
Module stomping
DLL injection
Shellcode loading
Reflective PE/DLL loading
Heap encryption
Stack encryption
Sleep obfuscation
ROP chaining
Direct/Indirect system calls
Hardware breakpoints
ETW/AMSI patching
DLL unhooking
Thread call stack spoofing
PPID spoofing
Token impersonation
In-memory .NET assembly loading
Developing BOFs and BOF loaders
Shellcode fluctuation
Threadless process injection
Proxy DLL loading
My mission 🚀
I strive to build robust, user-friendly tools for the cybersecurity community and advance our collective understanding of the evolving threat landscape. Your sponsorship will enable more in-depth research, the development of new tools, and the sharing of knowledge, all aimed at creating a safer digital world.
Speech recognition 🎤
I am also a huge advocate, supporter, creator, and user of speech recognition products for the disabled or physically injured and in general. I think it is a creative way to reduce strain on the body after exploring it and I have found it to be even more efficient at times than if I were to be using a keyboard and mouse. I created DragonBot as an extension for Dragon NaturallySpeaking which can provide the complete hands-free control of a Microsoft Windows computer via voice commands. Watch the demo here and sponsor the tier for access.
Your support 💖
Every bit of sponsorship is appreciated and will be directly reinvested into the open-source community, enabling ongoing development and exploration of advanced cybersecurity topics.
Thank you for your support and for joining me on this journey.
Contact Information
Questions? Concerns? You can shoot me an email here.
Simple PoC to locate hooked functions by EDR in ntdll.dll
Language: C - Stars: 32
evilginx3 + gophish
Language: Go - Stars: 1671
Python3 terminal application that contains 405 Neo4j cyphers for BloodHound data sets and 388 GUI cyphers
Language: Python - Stars: 374
Enhanced version of secretsdump.py from Impacket. Adds multi-threading and accepts an input file with a list of target hosts for simultaneous secrets extraction.
Language: Python - Stars: 204
Work, timer, and wait callback example using solely Native Windows APIs.
Language: C - Stars: 83