henshin

obfus.h

Macro-header for compile-time C obfuscation (tcc, win x86/x64)

CVE-2024-1086

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

BlueDucky

🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)

Parasite-Invoke

Hide your P/Invoke signatures through other people's signed assemblies

Chimera

Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

AMSITrigger

The Hunt for Malicious Strings

OperatorsKit

Collection of Beacon Object Files (BOF) for Cobalt Strike

GregsBestFriend

GregsBestFriend process injection code created from the White Knight Labs Offensive Development course

ColorDataProxyUACBypass

Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC bypass. Win 7 & up.

PoshADCS

A proof of concept on attack vectors against Active Directory by abusing Active Directory Certificate Services (ADCS)

Havoc

The Havoc Framework.

SOAPHound

SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

BlackFriday-GPTs-Prompts

List of free GPTs that doesn't require plus subscription

getsystem-offline

Small tool to get a SYSTEM shell

Koppeling

Adaptive DLL hijacking / dynamic export forwarding

SourcePoint

SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

CarbonCopy

A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux

inceptor

Template-Driven AV/EDR Evasion Framework

bulk_extractor

This is the development tree. Production downloads are at:

faxhell

A Bind Shell Using the Fax Service and a DLL Hijack

katana

Katana - Automatic CTF Challenge Solver in Python3

GOAD

game of active directory

MalSCCM

MaldevAcademyLdr.1

mhydeath

Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.

msi-search

KRBUACBypass

UAC Bypass By Abusing Kerberos Tickets

Vulnerable-AD-Lab

Automate the build of a vulnerable AD environment.

punk.py

unix SSH post-exploitation 1337 tool

gsocket

Connect like there is no firewall. Securely.