ceramicskate0

SWELF

Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

SharpLeftOvers

A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup

BOF-Builder

C# .Net 5.0 project to build BOF (Beacon Object Files) in mass

AddReferenceDotRedTeam

A PoC to show how to add code to C# and dotNet and make it reusable for Red Team operations. Maybe one day it will be the largest collection of C# red team projects in 1 Lib.

sysmon-config

CeramicSkate0 Sysmon configuration fork file template with default high-quality event tracing

Scripts

Scripts to do random tasks that may or may not be security related

Ceramic

Dotnet 5 Red Teaming C# Application

PWK

Notes I made during my time working on PWK.

DllComparer

This is a C# application that (once its finished) will be able to extract DLL information from running processes and conduct limited reporting on that data for analysis.

BadStrings

List of Bad Strings for red teamers

ceramicskate0

CSharp-ReadProcessMem

A umm POC for reading process mem. Say for RDP creds.

Outlook_Data_Exfil

DLL/plugin that is a POC for data exfil via Outlook

PiHoleBlockList

Personnel PiHole Block List

AutoUpdateSysmonEXE

CobaltStrike

CobaltStrike's source code

LinuxConfigs

Config files for various linux services.

REDSharpScripts

SWELF-PluginHelpers

With the introduction of plugins for SWELF a need for helpers has come up and posted works will go here.

SharpDecption

DotDecption or SharpDecption is a CSharp Application desigbned to mimic appllication crash via c# great of execute-assembly to get a helpdesk login

ceramic-skate0

ceramicskate0.github.io

Personal Page

Covenant

Covenant is a collaborative .NET C2 framework for red teamers.

HideCode

Hide code from dnSpy and other C# spying tools

InlineExecute-Assembly

InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module

lanturtle-modules

Module and Upgrade Repository for the Hak5 LAN Turtle

LinuxConfigs-1

My thoughts on various linux config file. Used to standardize stuff.

NET-Obfuscate

Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI

SharpC2

.NET C2 Framework Proof of Concept

Zeta

Using "svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc" as trigger