funnybananas's repositories
BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is run on a domain, security analysts and engineers can practice using tools to gain an understanding of Active Directory and prescribe ways to secure it. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
BOFs
Collection of Beacon Object Files
Cobalt-Strike
Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
CS-Situational-Awareness-BOF
Situational Awareness commands implemented using Beacon Object Files
CS_Uploads_Tracker
Aggressor script add-in for Cobalt Strike to track file uploads
CVE-2023-46747-RCE
Exploit for F5 BIG-IP RCE CVE-2023-46747
Cybersecurity-Tradecraft
A repo to support the book
DefenderYara
Extracted Yara rules from Windows Defender mpavbase and mpasbase
dot-files
Dotfiles repository
namebuster
A tool for username enumeration, using text, files, or websites
NfSpy
ID-spoofing NFS client
NimlineWhispers
A very proof-of-concept port of InlineWhispers for using syscalls in Nim projects.
DripLoader
Evasive shellcode loader for bypassing event-based injection detection (PoC)
GOAD
Game of Active Directory
import-owned-users-bloodhound
Script to import owned users into BloodHound
NimGetWindowClasses
Enumerates windows and returns the title (if any), PID, and Window Class Name.
nimview
A Nim/Webview based helper to create Desktop/Server applications with Nim/C/C++ and HTML/CSS
Operational-Security-101
A repository of advice and guides to share with friends and family who are concerned about their safety during online activities and the security of their devices.
SCShell
Fileless lateral movement tool that relies on ChangeServiceConfigA to run commands
SpoolSample
PoC tool to coerce Windows hosts to authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
StandIn
StandIn is a small .NET35/45 AD post-exploitation toolkit
vim-config
A repository containing Vim configurations that set up specific development environments.
Vundle.vim
Vundle, the plug-in manager for Vim
Watson
Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities