atropineal's repositories
Anti-DebugNET
C# Anti-Debug and Anti-Dumping techniques using Win32 API functions and tricks.
BOF-DLL-Inject
Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.
cobaltstrike_bofs
My Cobalt Strike BOFs
CSharpWinRM
.NET 4.0 WinRM API Command Execution
dll-hijack-by-proxying
Exploiting DLL Hijacking by DLL Proxying Super Easily
etl2pcapng
Utility that converts an .etl file containing a Windows network packet capture into .pcapng format.
EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
GhostLoader
GhostLoader - AppDomainManager - Injection - Ghost in the Shell
ldapdomaindump
Active Directory information dumper via LDAP
ntlm_theft
A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)
NTLMRawUnHide
NTLMRawUnhide.py is a Python3 script designed to parse network packet capture files and extract NTLMv2 hashes in a crackable format. The following binary network packet capture formats are supported: *.pcap, *.pcapng, *.cap, *.etl
ntlmsspparse
Parses ntlmssp netlm[v2] hashes out of a pcap file for use with a password cracker.
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
RedTeam-Tactics-and-Techniques
Red Teaming Tactics and Techniques
SharpAppLocker
C# port of the Get-AppLockerPolicy PS cmdlet
SharpDllProxy
Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading
SharpEDRChecker
Checks running processes, process metadata, DLLs loaded into your current process and each DLL's metadata, common install directories, installed services and each service binary's metadata, installed drivers and each driver's metadata, all for the presence of known defensive products such as AVs, EDRs and logging tools.
SharpHound3
C# Data Collector for the BloodHound Project, Version 3