Bobby Cooke's repositories
injectEtwBypass
CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)
x64win-AddRdpAdminShellcode
64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"
tailorMS-rXSS-Keylogger
Reflected Cross-Site Scripting (XSS) vulnerability in 'index.php' login-portal webpage of SourceCodesters Tailor Management System v1.0 allows remote attackers to harvest keys pressed via unauthenticated victim clicking malicious URL and typing.
StockManagement-XSS-Login-CredHarvester
Reflected Cross-Site Scripting (XSS) vulnerability in 'index.php' login-portal webpage of SourceCodesters Stock Management System v1.0 allows remote attackers to harvest login credentials & session cookie via unauthenticated victim clicking malicious URL and entering credentials.
OffensiveRust
Rust Weaponization for Red Team Engagements.
CVE-2020-23839
Public PoC Disclosure for CVE-2020-23839 - GetSimple CMS v3.3.16 suffers from a Reflected XSS on the Admin Login Portal
homeRent-SQLi-RCE
House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability allowing remote attackers to execute arbitrary code on the hosting webserver via sending a malicious POST request.
OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
TokenTactics
Azure JWT Token Manipulation Toolset
Azur3Alph4
Azur3Alph4 is a PowerShell module that automates red-team tasks for ops on objective. This module situates in a post-breach (RCE achieved) position.
cobalt_strike_extension_kit
Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
CVE-2021-1675
Impacket implementation of CVE-2021-1675
KernelCallbackTable-Injection
Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html
CS-Situational-Awareness-BOF
Situational Awareness commands implemented using Beacon Object Files
Malleable-C2-Profiles
Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.
RedLizard
RedLizard Rust TCP Reverse Shell Server/Client
SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
Talon
(Demo) 3rd party agent for Havoc