boku7

Bobby Cooke's repositories

injectEtwBypass

CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)

Language:CGPL-2.0273 80

x64win-AddRdpAdminShellcode

64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"

Language:AssemblyGPL-3.035 70

Reflected Cross-Site Scripting (XSS) vulnerability in 'index.php' login-portal webpage of SourceCodesters Tailor Management System v1.0 allows remote attackers to harvest keys pressed via unauthenticated victim clicking malicious URL and typing.

Language:PythonGPL-3.025 60

StockManagement-XSS-Login-CredHarvester

Reflected Cross-Site Scripting (XSS) vulnerability in 'index.php' login-portal webpage of SourceCodesters Stock Management System v1.0 allows remote attackers to harvest login credentials & session cookie via unauthenticated victim clicking malicious URL and entering credentials.

Language:PythonGPL-3.020 2 1

OffensiveRust

Rust Weaponization for Red Team Engagements.

Language:Rust1300

CVE-2020-23839

Public PoC Disclosure for CVE-2020-23839 - GetSimple CMS v3.3.16 suffers from a Reflected XSS on the Admin Login Portal

Language:PythonGPL-2.011 30

SCMKit

Source Code Management Attack Toolkit

Language:C#Apache-2.01000

BikeRental-FU-RCE

Language:PythonGPL-3.0800

Ares

Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique

Language:CGPL-3.0500

beacon

Former attempt at creating a independent Cobalt Strike Beacon

Language:Python500

homeRent-SQLi-RCE

House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability allowing remote attackers to execute arbitrary code on the hosting webserver via sending a malicious POST request.

Language:PythonGPL-3.0500

burp-jars

3 20

AceLdr

Cobalt Strike UDRL for memory scanner evasion.

Language:CMIT200

HellsGate

Original C Implementation of the Hell's Gate VX Technique

200

OSEP-Code-Snippets

A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.

200

TokenTactics

Azure JWT Token Manipulation Toolset

Language:PowerShellBSD-3-Clause2 10

Azur3Alph4

Azur3Alph4 is a PowerShell module that automates red-team tasks for ops on objective. This module situates in a post-breach (RCE achieved) position.

Language:PowerShellBSD-3-Clause100

cobalt_strike_extension_kit

Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.

GPL-3.0100

CVE-2021-1675

Impacket implementation of CVE-2021-1675

Language:Python1 10

KernelCallbackTable-Injection

Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html

Language:C1 10

msspray

Password attacks and MFA validation against various endpoints in Azure and Office 365

Language:PythonMIT1 10

nt5src

Source code of Windows XP (NT5). Leaks are not from me. I just extracted the archive and cabinet files.

100

PrintNightmare

100

CS-Situational-Awareness-BOF

Situational Awareness commands implemented using Beacon Object Files

GPL-2.0000

EDRs

Language:C010

h0mbre.github.io

Language:SCSSMIT000

Malleable-C2-Profiles

Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.

000

RedLizard

RedLizard Rust TCP Reverse Shell Server/Client

Language:Rust000

SourcePoint

SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

Language:GoMIT000

Talon

(Demo) 3rd party agent for Havoc

Language:C000