attackdeveloper

AggressorScripts

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

Amsi-Bypass-Powershell

This repo contains some Amsi Bypass methods i found on different Blog Posts.

CallObfuscator

Obfuscate specific windows apis with different apis

CasperStager

PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.

Covenant

Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.

CrackMapExec

A swiss army knife for pentesting networks

defcon27_csharp_workshop

Writing custom backdoor payloads with C# - Defcon 27

defcon_27_windbg_workshop

DEFCON 27 workshop - Modern Debugging with WinDbg Preview

donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies from memory and runs them with parameters

EvilClippy

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

injectAllTheThings

Seven different DLL injection techniques in one single project.

injection

injection-1

Windows process injection methods

InjectProc

InjectProc - Process Injection Techniques [This project is not maintained anymore]

Internal-Monologue

Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS

Offensive-Security-OSCP-Cheatsheets

OSCP Cheatsheets, Pentesting / Red Teaming Tools and Techniques

Rubeus

Trying to tame the three-headed dog.

SafetyKatz

SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader

Seatbelt

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

Sharp-Suite

My musings with C#

SharpDPAPI

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

SharpDump

SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality.

SharpRoast

SharpRoast is a C# port of various PowerView's Kerberoasting functionality.

SharpShooter

Payload Generation Framework

SharpTask

SharpTask is a simple code set to interact with the Task Scheduler service api and is compatible with Cobalt Strike.

SharpUp

SharpUp is a C# port of various PowerUp functionality.

SharpWMI

SharpWMI is a C# implementation of various WMI functionality.

TikiTorch

Process Hollowing

Tokenvator

A tool to elevate privilege with Windows Tokens

vulcan

a tool to make it easy and fast to test various forms of injection