Stars
Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
A proof of concept for a clickjacking attack on macOS.
Creates a proxy DLL which sits between the game and the original DLL
BOF for Kerberos abuse (an implementation of some important features of Rubeus).
C or BOF file to extract WebKit master key to decrypt user cookie
Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
Python3 terminal application that contains 405 Neo4j cyphers for BloodHound data sets and 388 GUI cyphers
Lateral Movement Using DCOM and DLL Hijacking
This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
One place for all the default credentials to assist Blue/Red teamers in identifying devices with default passwords 🛡️
Kill anti-malware protected processes (BYOVD) (Microsoft Won)
Execute unmanaged Windows executables in CobaltStrike Beacons
Abuse the Node.js inspector mechanism in order to force any Node.js/Electron/V8-based process to execute arbitrary JavaScript code.
A workshop about Malware Development
A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4
Scrape, Hunt, and Transform names and usernames
👋 Stealthy data exfiltration via IPv6 covert channel
Collection of macOS persistence methods and miscellaneous tools in JXA
Create book from markdown files. Like Gitbook but implemented in Rust
Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
Terraform + Ansible deployment scripts for an Active Directory lab environment.
Proof-of-concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in-memory dump of a process and send that back through your already existing Beacon communication channel