cola8888

OSEP-Breaking-Chains

A collection of code snippets built to assist with breaking chains.

OffensiveVBA

This repo covers some code execution and AV Evasion methods for Macros in Office documents

spoofing-office-macro

:fish: PoC of a VBA macro spawning a process with a spoofed parent and command line.

SharpKatz

Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands

Pentest-Tools-Collection

ligolo-ng

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

CrossC2

generate CobaltStrike's cross-platform payload

micr0_shell

micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.

BloodHoundQueries

PowerSharpPack

BadAssMacros

BadAssMacros - C# based automated Malicous Macro Generator.

OSEP

PEN-300 collection to help you on your exam.

aes_dinvoke

a repository that contains the program.cs source file that has D/Invoke bare minimum implementation and AES encryption for shellcode execution

SQLRecon

A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.

impacket

Impacket is a collection of Python classes for working with network protocols.

Windows_x64_Tcp_Reverse_Shell_Shellcode

Null-free shellcode for TCP reverse shell on Windows x64

ntqueueapcthreadex-ntdll-gadget-injection

This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret gadget can be used for stealthy code injection.

Codecepticon

.NET/PowerShell/VBA Offensive Security Obfuscator

VineShield

🛡Obfuscation tool for all executing files and scripts written on python 3

Harriet

This repo is a resource for various red teaming techniques and tools based on open source software and non-commerical tools.

SharpWhispers

C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.

Direct-Syscalls-A-journey-from-high-to-low

Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).

NimBlackout

Kill AV/EDR leveraging BYOVD attack

HadesLdr

Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2

SyscallTables

Windows NT Syscall tables

rust_image_shellcode_loader

BokuLoader

A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

RecycledInjector

Native Syscalls Shellcode Injector

ScareCrow

ScareCrow - Payload creation framework designed around EDR bypass.

PPIDSpoof

PPID Spoofing and blocking Non-Microsoft DLLs POC in C#