James Yeung's repositories
SOAPHound
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.
bofhound
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
CsWhispers
Source generator to add D/Invoke and indirect syscall methods to a C# project.
InjectKit
Modified versions of the Cobalt Strike Process Injection Kit
GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
Training-MSOfficeOffensiveTradecraft
Info related to the Outflank training: Microsoft Office Offensive Tradecraft
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
BobTheSmuggler
"Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format, then XOR encrypt the archive and then hides inside PNG/GIF image file format (Image Polyglots).
SuperSharpShares
SuperSharpShares is a tool designed to automate enumerating domain shares, allowing for quick verification of accessible shares by your associated domain account.
Artillery
CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator.
EDRSilencer
A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
Cloudflare-Redirector
Just another C2 Redirector using CloudFlare.
DynamicDotNet
A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
ClickOnce-AppDomain-Manager-Injection
Click Once + App Domain
Frida-Labs
The repo contains a series of challenges for learning Frida for Android Exploitation.
ADOKit
Azure DevOps Services Attack Toolkit
Kerbeus-BOF
BOF for Kerberos abuse (an implementation of some important features of the Rubeus).
EnumEDR
Some .Net assemblies used to enumerate a host. Best when they are loaded in to memory.
LocklessBof
Lockless BOF
SharpLateral
Lateral Movement
wifi-pentesting-guide
WiFi Penetration Testing Guide
LdrLibraryEx
A small x64 library to load dll's into memory.
cookie-monster
BOF to steal browser cookies
SharpExShell
SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.