its-a-feature

followers

following

stars

Cody Thomas's repositories

atomic-red-team

Small and highly portable detection tests.

Language:PowerShellMIT3 20

p0wnedShell

PowerShell Runspace Post Exploitation Toolkit

Language:C#BSD-3-Clause300

EyeWitness

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

Language:PythonGPL-3.0200

Invoke-PSImage

Embeds a PowerShell script in the pixels of a PNG file and generates a oneliner to execute

Language:PowerShellMIT2 20

MailSniper

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.

Language:PowerShellMIT200

mimikatz

A little tool to play with Windows security

Language:C200

RottenPotatoNG

New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.

Language:C++200

aquatone

A Tool for Domain Flyovers

Language:RubyMIT100

DeathStar

Automate getting Domain Admin using Empire (https://github.com/EmpireProject/Empire)

Language:PythonGPL-3.01 20

impacket

Impacket is a collection of Python classes for working with network protocols.

Language:PythonNOASSERTION100

kwprocessor

Advanced keyboard-walk generator with configureable basechars, keymap and routes

Language:C1 20

libpeconv

A small library for mapping and unmapping PE files.

Language:C++BSD-2-Clause100

Seth

Perform a MitM attack and extract clear text credentials from RDP connections

Language:PythonMIT100

sg1

A wanna be swiss army knife for data encryption, exfiltration and covert communication.

Language:GoGPL-3.0100

ThreatHunting

Powershell collection designed to assist in Threat Hunting Windows systems.

Language:PowerShellGPL-3.0100

Tiredful-API

An intentionally designed broken web application based on REST API.

Language:PythonGPL-3.0100

Aggressor-Script

Collection of Aggressor Scripts for Cobalt Strike

Language:PowerShell000

al-khaser

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

Language:C++GPL-2.0020

Awesome-Red-Teaming

List of Awesome Red Teaming Resources

MIT000

big-list-of-naughty-strings

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

Language:PythonMIT000

CACTUSTORCH

CACTUSTORCH: Payload Generation for Adversary Simulations

Language:Visual Basic000

CheckPlease

Implant security modules written in Python, PowerShell, Go, Ruby, C, C#, Perl, and Rust.

Language:RustGPL-3.0020

CimPSDrive

SHiPS based provider to navigate CIM classes and namespaces

Language:PowerShellMIT000

DotNetHooking

Sample use cases of the .NET native code hooking technique

Language:C#MIT020

EggShell

iOS/macOS Remote Administration Tool

Language:Objective-CGPL-2.0000

ExternalC2

A library for integrating communication channels with the Cobalt Strike External C2 server

Language:C#MIT020

Invoke-SocksProxy

Socks proxy server using powershell.

Language:PowerShellMIT000

Office-DDE-Payloads

Collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique.

Language:PythonMIT020

PowerShellScripts

Collection of PowerShell scripts

Language:PowerShell020

ZeroNights2017

Some sample code from my Zero Nights 2017 presentation.

Language:C++GPL-3.0000