Former attempt at creating an independent Cobalt Strike Beacon
Former UEFI Firmware Rootkit Replicating MoonBounce / ESPECTRE
A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux
A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
Web path scanner
Query DNS records.
DNSDelivery provides delivery and in-memory execution of shellcode or a .NET assembly using a DNS request delivery channel.
Data exfiltration over a DNS request covert channel
Extract mfg.dat and AT&T root certs from BGW210 or NVG599
Experiment on reproducing Obfuscate & Sleep
Public variation of FOLIAGE (original developer)
HID iClass key diversification script
Standalone binaries for Linux/Windows of Impacket's examples
Kernel-to-user-mode APC injector
A little toolbox to play with Microsoft Kerberos in C
A work in progress of constructing a minimal http(s) beacon for Cobalt Strike.
Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.
RedSails is a Python based post-exploitation project aimed at bypassing host based security monitoring and logging. DerbyCon 2017 Talk: https://www.youtube.com/watch?v=Ul8uPvlOsug
Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools.
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
Cobalt Strike User Defined Reflective Loader (UDRL). Check branches for different functionality.
Public variation of Titan Loader
Former multi-ring kernel-to-user-mode transitional shellcode for remote kernel exploits