Mr-B0b

SpaceRunner

This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes through the use of runspace.

BloodCheck

BloodCheck enables Red and Blue Teams to manage multiple Neo4j databases and run Cypher queries against a BloodHound dataset.

TamperMonkeyScripts

Scripts collection to use with the Tampermonkey extension

SharpDllProxy

Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

BloodHound

Six Degrees of Domain Admin

impacket

Impacket is a collection of Python classes for working with network protocols.

cobalt_strike_extension_kit

Tired of typing execute-assembly everytime you use Cobalt Strike? Clone this.

CrackMapExec

A swiss army knife for pentesting networks

CyberChef

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

DetectionLab

Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices

donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

DotNetToJScript

A tool to create a JScript file which loads a .NET v2 assembly from memory.

evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

GadgetToJScript

A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.

github1s

One second to read GitHub code with VS Code.

InveighZero

Windows C# LLMNR/mDNS/NBNS/DNS spoofer/man-in-the-middle tool

invoke-atomicredteam

Mr-B0b.github.io

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PrivescCheck

Privilege Escalation Enumeration Script for Windows

Responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Rubeus

Trying to tame the three-headed dog.

SharpDPAPI

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

SharpHound

The BloodHound C# Ingestor

SharpHound3

SharpUp

SharpUp is a C# port of various PowerUp functionality.

SharpWMI

SharpWMI is a C# implementation of various WMI functionality.

SILENTTRINITY

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

SprayingToolkit

Scripts to make password spraying attacks against Lync/S4B & OWA a lot quicker, less painful and more efficient