bigbrobro's repositories
wePWNise
WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software.
SharpWMI
SharpWMI is a C# implementation of various WMI functionality.
DotNetToJScript
A tool to create a JScript file which loads a .NET v2 assembly from memory.
DomainFrontingLists
A list of Domain Frontable Domains by CDN
userline
Query and report user logon relations from MS Windows Security Events
InvisiblePersistence
Persisting in the Windows registry "invisibly"
Powermad
PowerShell MachineAccountQuota and DNS exploit tools
CACTUSTORCH
CACTUSTORCH: Payload Generation for Adversary Simulations
memShell
A webshell that resides in the memory of a Java web server
AggressorScripts-1
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
Base64-Obfuscator
Simple PowerShell Base64 encoder to avoid detection of your malicious payload
Logpara
A rough demo that parses and processes common web logs
log_parse
mrjob
RedTips
Red Team Tips as posted by @vysecurity on Twitter
process-forest
Reconstruct process trees from event logs
Invoke-CradleCrafter
PowerShell Remote Download Cradle Generator & Obfuscator
SendMail-with-Attachments
Use PowerShell to send mail
DCSYNCMonitor
Monitors for DCSYNC and DCSHADOW attacks and creates custom Windows Events for these events.
PreReqTree
UBC Prerequisite parser using natural language processing and graphviz.
NtlmSocks
A pass-the-hash tool
WMI_Monitor
Log newly created WMI consumers and processes to the Windows Application event log
Invoke-SocksProxy
SOCKS proxy server using PowerShell.
Google-Domain-fronting
Domain fronting using Google App Engine
nightHawkResponse
Incident Response Forensic Framework
csbruter
Cobalt Strike team server password brute force tool