Telefónica
- https://www.fo-sec.com
Stars
Executes PowerShell from an unmanaged process
Early cascade injection PoC based on Outflank's blog post
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in-process .NET assembly execution as an alternative to Cobalt Strike's traditiona…
Extract and execute a PE embedded within a PNG file using an LNK file.
Load/Inject .NET assemblies by: reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avo…
Executing a .NET Assembly from C++ in Memory (CLR Hosting)
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
Free to use http, socks4 and socks5 proxies updated every 30 minutes.
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
Python setter/getter for property ms-Mcs-AdmPwd used by LAPS.
Use NT Native Registry API to create a registry that a normal user cannot query.
Port of PyWebDAV to python3, originally from http://code.google.com/p/pywebdav/
Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
Collection of Cyber Threat Intelligence sources from the deep and dark web
PowerShell rebuilt in C# for Red Teaming purposes
Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
Please no pull requests for this repository. Thanks!
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
A discord token grabber, crypto wallet stealer, cookie stealer, password stealer, file stealer etc. app written in Python.