galoryber's starred repositories

profiler-lateral-movement

Lateral Movement via the .NET Profiler

Language: C++ | Stargazers: 65 | Issues: 0

Malware

macOS Malware Collection

License: GPL-3.0 | Stargazers: 288 | Issues: 0

decode-spam-headers

A script that helps you understand why your E-Mail ended up in Spam

Language: Python | License: MIT | Stargazers: 528 | Issues: 0

Language: C# | License: BSD-3-Clause | Stargazers: 210 | Issues: 0

openvasreporting

OpenVAS Reporting: Convert OpenVAS XML report files to reports

Language: Python | License: NOASSERTION | Stargazers: 122 | Issues: 0

PyOTI

Python library for threat intelligence

Language: Python | License: GPL-3.0 | Stargazers: 74 | Issues: 0

fabric

fabric is an open-source framework for augmenting humans using AI. It provides a modular framework for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.

Language: Python | License: MIT | Stargazers: 19368 | Issues: 0

SharpSystemTriggers

Collection of remote authentication triggers in C#

Language: C | Stargazers: 437 | Issues: 0

SharpTokenFinder

C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps

Language: C# | License: MIT | Stargazers: 128 | Issues: 0

PastDSE

DSE bypass using a leaked cert and adjusting the current clock.

Language: C | Stargazers: 129 | Issues: 0

PackMyPayload

A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX

Language: Python | License: MIT | Stargazers: 822 | Issues: 0

Parasite-Invoke

Hide your P/Invoke signatures through other people's signed assemblies

Language: C# | Stargazers: 195 | Issues: 0

BobTheSmuggler

"Bob the Smuggler": A tool that leverages the HTML Smuggling attack and allows you to create HTML files with embedded 7z/zip archives. The tool compresses your binary (EXE/DLL) into a 7z/zip archive, XOR-encrypts the archive, and then hides it inside a PNG/GIF image file (image polyglots).

Language: Python | License: MIT | Stargazers: 470 | Issues: 0

dot

The Deepfake Offensive Toolkit

Language: Python | License: BSD-3-Clause | Stargazers: 4020 | Issues: 0

Docker-OSX

Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.

Language: Shell | License: GPL-3.0 | Stargazers: 36221 | Issues: 0

SWH-Injector

An injector that can inject a DLL into a game process protected by anti-cheat using SetWindowsHookEx.

Language: C++ | Stargazers: 218 | Issues: 0

dnMerge

A lightweight .NET assembly dependency merger that uses dnLib and 7zip's LZMA SDK for compressing dependent assemblies.

Language: C# | Stargazers: 98 | Issues: 0

JayFinder

Find DLLs with RWX section

Language: C# | Stargazers: 74 | Issues: 0

LdrLockLiberator

For when DLLMain is the only way

Language: C | License: MIT | Stargazers: 329 | Issues: 0

lolcerts

A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors

Language: YARA | License: Apache-2.0 | Stargazers: 309 | Issues: 0

PoolPartyBof

A beacon object file implementation of PoolParty Process Injection Technique.

Language: C | Stargazers: 303 | Issues: 0

ThreadlessInject-BOF

BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.

Language: C | License: MIT | Stargazers: 360 | Issues: 0

Evilginx2-Phishlets

Evilginx3 Phishlets version (0.2.3 & above) Only For Testing/Learning Purposes

Language: CSS | Stargazers: 497 | Issues: 0

Shellcode-Injection-Techniques

A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this project up as I learn, discover or develop more techniques. Some techniques are better than others at bypassing AV.

Language: C# | Stargazers: 447 | Issues: 0

Handly

Abuse leaked token handles.

Language: C# | License: Apache-2.0 | Stargazers: 129 | Issues: 0

Language: C | Stargazers: 1411 | Issues: 0

SignToolEx

Patching "signtool.exe" to accept expired certificates for code-signing.

Language: C++ | Stargazers: 261 | Issues: 0

Language: C | License: MIT | Stargazers: 241 | Issues: 0

ThreadlessInject

Threadless Process Injection using remote function hooking.

Language: C# | License: MIT | Stargazers: 689 | Issues: 0

SingleDose

Generate Shellcode Loaders & Injects

Language: C# | License: BSD-3-Clause | Stargazers: 153 | Issues: 0