Solomon Sklash's starred repositories
no-defender
A slightly more fun way to disable Windows Defender + firewall (through the WSC API).
smbclient-ng
smbclient-ng, a fast and user-friendly way to interact with SMB shares.
nmap-did-what
Nmap Dashboard Mini Project
Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
icmptunnel
Tunnel IP over ICMP.
Invoke-ADEnum
Automate Active Directory Enumeration
IconJector
Unorthodox and stealthy way to inject a DLL into the explorer using icons
ImmoralFiber
Two new offensive techniques using Windows Fibers: PoisonFiber (the first remote enumeration & Fiber injection capability POC tool) and PhantomThread (an evolved callstack-masking implementation)
SteppingStones
A Red Team Activity Hub
Invoke-RunAsWithCert
A PowerShell script to perform PKINIT authentication with the Windows API from a non-domain-joined machine.
c2-cloud
The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface.
ShadowStackWalk
Finding Truth in the Shadows
CelestialSpark
A modern 64-bit position-independent Meterpreter- and Sliver-compatible reverse_TCP staging shellcode based on Cracked5pider's Stardust
FetchPayloadFromDummyFile
Construct the payload at runtime using an array of offsets