emdnaia

AD_Miner

AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

Amsi-Bypass-Powershell

This repo contains some Amsi Bypass methods i found on different Blog Posts.

ansible-havoc

Scripts I use to deploy Havoc on Linode and setup categorization and SSL

Arjun

HTTP parameter discovery suite.

CVE-2024-26229

CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code

CVE-2024-29849

Veeam Backup Enterprise Manager Authentication Bypass (CVE-2024-29849)

CVE-2024-29855

PoC for the Veeam Recovery Orchestrator Authentication CVE-2024-29855

CVE-2024-29943

A Pwn2Own SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE

debloat

A GUI and CLI tool for removing bloat from executables

Disable-TamperProtection

A POC to disable TamperProtection and other Defender / MDE components

EDR-XDR-AV-Killer

Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver

Evilginx-Phishing-Infra-Setup

Evilginx Phishing Engagement Infrastructure Setup Guide

File-Tunnel

Tunnel TCP connections through a file

fragtunnel

Fragtunnel is a proof-of-concept (PoC) TCP tunnel tool that you can use to tunnel your application's traffic and bypass next-generation firewalls en route to the target.

gimmick

Section-based payload obfuscation technique for x64

GraphSpy

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Packer_Development

Offensive Packer Development

PE-LiteScan

A simple crossplatform heuristic PE-analyzer

PPID-Spoofing

Parent Process ID Spoofing, coded in CGo.

RdpStrike

Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.

RemoteKrbRelay

Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework

RflDllOb

Reflective DLL Injection - M++

RingQ

一款后渗透免杀工具，助力每一位像我这样的脚本小子快速实现免杀，支持bypass AV/EDR 360 火绒 Windows Defender Shellcode Loader

ruler

A tool to abuse Exchange services

SharpIncrease

Evade Everything

sqlmc

Official Kali Linux tool to check all urls of a domain for SQL injections :)

TrollAMSI

Voidgate

A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.

wesng

Windows Exploit Suggester - Next Generation