RiccardoAncarani

LiquidSnake

LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript

BOFs

Collection of Beacon Object Files (BOFs) for shells and lols

TaskShell

talks

DirSync-Poc

A PoC that uses the DirSync protocol to poll Active Directory for changes

wild-hunt

A collection of tools and offensive techniques aimed at actively finding adversaries

bof-registry

Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry

SharpUp

SharpUp is a C# port of various PowerUp functionality.

OffensivePH

OffensivePH - use old Process Hacker driver to bypass several user-mode access controls

riccardoancarani.github.io

:sparkles: Build a beautiful and simple website in literally minutes. Demo at http://deanattali.com/beautiful-jekyll

CheckCert

Obtain and parse SSL certificates

DynamicWrapperEx

x64 Registration-Free In-Process COM Automation Server.

RiccardoAncarani

sakeInject

Windows PE - TLS (Thread Local Storage) Injector in C/C++

sneaky_gophish

Hiding GoPhish from the boys in blue

coffee

A COFF loader made in Rust

DNSStager

Hide your payload in DNS

HiddenDesktop

HVNC for Cobalt Strike

HTTPS_CSharp_Server

Implementing a Multithreaded HTTP/HTTPS Debugging Proxy Server in C# xref. `https://www.codeproject.com/Articles/93301/Implementing-a-Multithreaded-HTTP-HTTPS-Debugging`

InlineZipper

lolcerts

A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors

mq-cli

msldap

LDAP library for auditing MS AD

Obfuscator-LLVM-16.0

Random

Assorted scripts and one off things

sRDI

Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode

titan

Titan: A generic user defined reflective DLL for Cobalt Strike

vmprotect-3.5.1

VMProtect-Source

Source of VMProtect (NOT OFFICIALLY)

vxlang-page

protector & obfuscator & code virtualizer