jack51706

lsarelayx

NTLM relaying for Windows made easy

adPEAS

Powershell tool to automate Active Directory enumeration.

bootkit-samples

Bootkit sample for firmware attack

herpaderping

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

TartarusGate

TartarusGate, Bypassing EDRs

ad-privileged-audit

Provides various Windows Server Active Directory (AD) security-focused reports.

ADenum

AD Enum is a pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with kerberos.

bloodyAD

BloodyAD is an Active Directory Privilege Escalation Framework

code2flow

Pretty good call graphs for dynamic languages

covert-control

Google Drive, OneDrive and Youtube as covert-channels - Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram

DInjector

Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL

Go_Bypass

Golang Bypass Av Generator template

GoMapEnum

User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin

Ivy

Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.

Medusa-2

Medusa is a cross-platform C2 agent compatible with Python 2.7 and 3.8, compatible with Mythic

melting-cobalt

A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object

moonwalk

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

OffensiveAutoIt

Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitscript.com/site/autoit/)

OffensiveVBA

This repo covers some code execution and AV Evasion methods for Macros in Office documents

OPC-UA-attacks-POC

rpcfirewall

SecOpsDev

自己闲来无事所写以及工作中抽取的安全/运维/开发方面的小脚本

SharpSystemTriggers

Collection of remote authentication triggers in C#

Shellcode-Injection-Techniques

A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this project up as I learn, discover or develop more techniques. Some techniques are better than others at bypassing AV.

shennina

Automating Host Exploitation with AI

Skrull

Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. Also, launchers are totally anti-copy and naturally broken when got submitted.

sliver

Adversary Emulation Framework

SMBSR

Lookup for interesting stuff in SMB shares

Spray365

Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.

TheMacHardeningScripts

Scripts to secure and harden Mac OS X