Bobby Cooke's starred repositories
ysoserial.net
Deserialization payload generator for a variety of .NET formatters
BokuLoader
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
DEFCON-31-Syscalls-Workshop
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
AzureHound
Azure Data Exporter for BloodHound
azureOutlookC2
Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.
CVE-2023-3519
RCE exploit for CVE-2023-3519
CVE-2023-27997-check
Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing
SharpSword
Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly
cve-2022-42475
POC code to exploit the heap overflow in Fortinet's SSL VPN daemon
halosgate-ps
Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes
forticrack
Decrypt encrypted Fortinet FortiOS firmware images
roadtools_hybrid
Hybrid AD utilities for ROADtools
CVE-2022-42475
An exploit for CVE-2022-42475, a pre-authentication heap overflow in Fortinet networking products
CVE-2021-44168
A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3.
LibreHealth-authRCE
LibreHealth v2.0.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) on the hosting webserver via uploading a maliciously crafted image.
Armitage-Cortana-Resource-Opener
Open Resource Files in Armitage with Cortana