Starred repositories
A modern 32/64-bit position independent implant template
A project that demonstrates embedding shellcode payloads into image files (like PNGs) using Python and extracting them using C/C++. Payloads can be retrieved directly from the file on disk or from …
Open Adversary Exposure Validation Platform
RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups. Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA …
Customizable Linux Persistence Tool for Security Research and Detection Engineering.
DeadPotato is a Windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the ori…
Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry…
📚 Large base of PowerShell notes in the Russian language (Cheat Sheet & Documentation).
A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
Shikata ga nai (仕方がない) encoder ported into Go with several improvements
Red Team Attack Lab for TTP testing & research
Another Windows Local Privilege Escalation from Service Account to System
Windows Privilege Escalation from User to Domain Admin.
Reverse shell generator written in Python 3.
A centralized resource for previously documented WDAC bypass techniques
Azure Red Team tool for graphing Azure and Azure Active Directory objects
Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available
Executes PowerShell from an unmanaged process
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in Windows environments.
A multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷
Notes, red team materials, testing tools, etc.