j0urney1's repositories
bof-NetworkServiceEscalate
Abuses the Shared Logon Session ID Issue (Described [here](https://www.tiraniddo.dev/2020/04/sharing-logon-session-little-too-much.html) by the awesome James Forshaw) To Achieve System From NetworkService. Can be used as a "getsystem" as well
CS-Situational-Awareness-BOF
Situational Awareness commands implemented using Beacon Object Files
AlanFramework
A C2 post-exploitation framework
herpaderping
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
HVNC
HVNC Client & Server | Coded in C++ (Fixed Tinynuke)
InfinityHook
Hook system calls, context switches, page faults and more.
CobaltStrike
CobaltStrike's source code
Inject-dll-by-Process-Doppelganging
Process Doppelgänging
InlineExecute-Assembly
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module
mssqlproxy
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse.
PortBender
TCP Port Redirection Utility
reflectivepotato
MSFRottenPotato built as a Reflective DLL. Work in progress. Gotta love Visual C++
rewolf-wow64ext
Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems.
Scrapy-
Microsoft Visual C++ 14.0
SharpRDP
Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
spoolsystem
Print Spooler Named Pipe Impersonation for Cobalt Strike
tsh
Tiny SHell is an open-source UNIX backdoor.
unhook-bof
Remove API hooks from a Beacon process.
xencrypt
A PowerShell script anti-virus evasion tool