SkysNotes's repositories
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
GraphSpy
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
Havoc
The Havoc Framework.
windows-security-internals
A repository for additional files related to the book Windows Security Internals with PowerShell from No Starch Press.
Jigsaw
Hide shellcode by shuffling bytes into a random array and reconstruct at runtime
SymProcAddress
Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)
HuffLoader
Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Ldr
ligolo-mp
Multiplayer pivoting solution
MAAS
Malware As A Service
CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
Microsoft-Outlook-Remote-Code-Execution-Vulnerability
RustRedOps
🦀 | RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language. (In Construction)
how2heap
A repository for learning various heap exploitation techniques.
Cloud-Security
This Repo serves as a collection of shared security and penetration testing resources for the cloud.
OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
CryptoChat
CryptChat: Beyond Secure Messaging 🛡️
GOAD
game of active directory
inceptor
Template-Driven AV/EDR Evasion Framework
DEFCON-31-Syscalls-Workshop
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
ProcessInjection
This program is designed to demonstrate various process injection techniques
ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
x8
Hidden parameters discovery suite
JSFScan.sh
Automation for javascript recon in bug bounty.
cariddi
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
LinkFinder
A python script that finds endpoints in JavaScript files