Stars
CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).
Cybersecurity AI (CAI), an open Bug Bounty-ready Artificial Intelligence
RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
A command line C# REPL with syntax highlighting – explore the language, libraries and nuget packages interactively.
Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"
Simple (relatively) things allowing you to dig a bit deeper than usual.
This repository is a compilation of all APT simulations that target many vital sectors,both private and governmental. The simulation includes written tools, C2 servers, backdoors, exploitation tech…
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA …
rasta-mouse / ThreatCheck
Forked from matterpreter/DefenderCheckIdentifies the bytes that Microsoft Defender / AMSI Consumer flags on.
A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and indirect NTAPIs for core operations.
control your Linux OS computer through Telegram
「🔑」A tool used to hunt down API key leaks in JS files and pages
POC FortiOS SSL-VPN buffer overflow vulnerability
Collection of PoC and offensive techniques used by the BlackArrow Red Team
Rust Weaponization for Red Team Engagements.
Manipulating and Abusing Windows Access Tokens.
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and remote file transmission.