- Germany
- frereit.de
- @fre@infosec.exchange
🧰 tools
Convert shellcode generated using pe_2_shellcode to cdb format.
A swiss army knife for pentesting networks
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
PingCastle - Get Active Directory Security at 80% in 20% of the time
Nmap - the Network Mapper. Github mirror of official SVN repository.
A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)
A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.
Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
grep rough audit - source code auditing tool
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading
My implementation of enSilo's Process Doppelganging (PE injection technique)
Adaptive DLL hijacking / dynamic export forwarding
Deserialization payload generator for a variety of .NET formatters
OpSec-safe PowerShell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
This repo covers some code execution and AV Evasion methods for Macros in Office documents
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementing page protection changes during no execution.
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
Automated Red Team Infrastructure deployment using Docker
Aggressor script that turns the headless Aggressor client into a (mostly) functional Cobalt Strike client.
Single stub direct and indirect syscalling with runtime SSN resolving for Windows.