attackdeveloper's repositories
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
Amsi-Bypass-Powershell
This repo contains some Amsi Bypass methods i found on different Blog Posts.
CallObfuscator
Obfuscate specific windows apis with different apis
CasperStager
PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.
Covenant
Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.
CrackMapExec
A swiss army knife for pentesting networks
defcon27_csharp_workshop
Writing custom backdoor payloads with C# - Defcon 27
defcon_27_windbg_workshop
DEFCON 27 workshop - Modern Debugging with WinDbg Preview
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies from memory and runs them with parameters
EvilClippy
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
injectAllTheThings
Seven different DLL injection techniques in one single project.
injection-1
Windows process injection methods
InjectProc
InjectProc - Process Injection Techniques [This project is not maintained anymore]
Internal-Monologue
Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
Offensive-Security-OSCP-Cheatsheets
OSCP Cheatsheets, Pentesting / Red Teaming Tools and Techniques
Rubeus
Trying to tame the three-headed dog.
SafetyKatz
SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader
Sharp-Suite
My musings with C#
SharpDPAPI
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
SharpDump
SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality.
SharpRoast
SharpRoast is a C# port of various PowerView's Kerberoasting functionality.
SharpShooter
Payload Generation Framework
SharpTask
SharpTask is a simple code set to interact with the Task Scheduler service api and is compatible with Cobalt Strike.
SharpUp
SharpUp is a C# port of various PowerUp functionality.
SharpWMI
SharpWMI is a C# implementation of various WMI functionality.
TikiTorch
Process Hollowing
Tokenvator
A tool to elevate privilege with Windows Tokens
vulcan
a tool to make it easy and fast to test various forms of injection