AviOz's repositories
Proxylogon-exploit
proxylogon exploit - CVE-2021-26857
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Atomic-Red-Team-Intelligence-C2
ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
BadOutlook
(kinda) Malicious Outlook Reader
bypassAV-1
AV-evasion shellcode loader
CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
Cobalt4.4
WIPE YOUR ASS WITH THE REAL COBALT STRIKE
CVE-2021-1675
Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)
CVE-2021-1676
C# and Impacket implementation of CVE-2021-1675/PrintNightmare
CVE-2021-40444
CVE-2021-40444 PoC
HTTP-revshell
PowerShell reverse shell using the HTTP/S protocol, with AMSI bypass and proxy awareness
InvisibilityCloak
Proof-of-concept obfuscation toolkit for C# post-exploitation tools
ItWasAllADream
A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE
OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
Povlsomware
Extensionless Ransomware written in C#. Fully compatible with Cobalt Strike's "Execute-Assembly" and Metasploit's "Execute_dotnet_assembly". Does not spread laterally, and thus makes for an excellent Ransomware Proof of Concept and/or for testing AV vendors' claims of "Ransomware Protection".
ProxyLogon-1
ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)
proxylogscan
A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker to bypass authentication and impersonate the admin (CVE-2021-26855).
SharpSMBSpray
Spray a hash via SMB to check for local administrator access
SonicWall_SSL-VPN_EXP
SonicWALL SSL-VPN Web Server Vulnerable Exploit
SpoolSploit
A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.
UAC_Exploit
Escalate as Administrator bypassing the UAC affecting administrator accounts only.
zerologon
Test script for CVE-2020-1472 for both RPC/TCP and RPC/SMB