Matt Creel's starred repositories
HiddenDesktop
HVNC for Cobalt Strike
EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
BloodHound
Six Degrees of Domain Admin
chainbreaker
Mac OS X Keychain Forensic Tool
ChromeKatz
Dump cookies and credentials directly from Chrome/Edge process memory
Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
Evilginx3-Phishlets
This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3. May be updated periodically.
Kerbeus-BOF
BOF for Kerberos abuse (an implementation of some important features of Rubeus).
cuddlephish
Weaponized Browser-in-the-Middle (BitM) for Penetration Testers
Malleable-CS-Profiles
A list of Python tools to help create an OPSEC-safe Cobalt Strike profile.
lsa-whisperer
Tools for interacting with authentication packages using their individual message protocols
PersistBOF
A BOF to automate common persistence tasks for red teamers
cThreadHijack
Beacon Object File (BOF) for remote process injection via thread hijacking
bof-collection
Collection of Beacon Object Files (BOF) for Cobalt Strike
awesome-password-spraying
Everything and anything related to password spraying
w32t-client
An example MS-W32T client to show how to use midl.exe in a project managed by CMake
terminal_sync
A standalone tool for logging shell commands to GhostWriter automatically
TimeStomp_bof
This is a very simple BOF written for Cobalt Strike and other post-exploitation frameworks that I reimplemented from one of my C++ tools. Timestomps a target file to have the time attributes match those of a source file on the same Windows system.
ludus_ansible_role_template
A template for developers to use as a starting point for Ludus ansible roles