beerandgin's repositories
ASPJinjaObfuscator
Heavily obfuscated ASP web shell generation tool.
AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
awesome-annual-security-reports
A curated list of annual cyber security reports
Awesome-GPT-Agents
A curated list of GPT agents for cybersecurity
C2
A basic C2 framework written in C
conpass
Continuous password spraying tool
cookie-monster
BOF to steal browser cookies
CVE-2024-21338
Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.
CVE-2024-26229-BOF
BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel
DV_NEW
This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
EDR-XDR-AV-Killer
Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
GoRedOps
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educational purpoeses only.
HSC24RedTeamInfra
Slides and Codes used for the workshop Red Team Infrastructure Automation
InsightEngineering
Hardcore Debugging
MagicDot
A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
One-Liners
A collection of awesome one-liners for bug bounty hunting.
Pyramid
a tool to help operate in EDRs' blind spots
RWX_MEMEORY_HUNT_AND_INJECTION_DV
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
security-notes
Markdown repo for notes on all things redteaming
ShadowClone
Unleash the power of cloud
tiny-AES-c
Small portable AES128/192/256 in C
UltimateWDACBypassList
A centralized resource for previously documented WDAC bypass techniques
Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
vulnerability-Checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
Web-Application-Pentest-Checklist
This is one of the largest checklist available so far on the Internet.