juushya's starred repositories
aad-sso-enum-brute-spray
POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln
azureOutlookC2
Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.
power-kill
power-kill is a project that kills protected processes (such as EDR or AV) by injecting shellcode into high-privilege processes
ScareCrow-CobaltStrike
Cobalt Strike script for ScareCrow payloads integration (EDR/AV evasion)
NativePayload_HTTP
Data Exfiltration via HTTP Traffic (C# and Shell Script)
interactsh
An OOB interaction gathering server and client library
sharpbysentinel
lol firewall
awesome-osint
A curated list of amazingly awesome OSINT
WAF-bypass-Cheat-Sheet
Another way to bypass WAF Cheat Sheet (draft)
unDefender
Killing your preferred antimalware by abusing native symbolic links and NT paths.
injectEtwBypass
CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)
SharpUnhooker
C# Based Universal API Unhooker
AzureHunter
A Cloud Forensics PowerShell module to run threat hunting playbooks on data from Azure and O365
CSharp-and-Infosec
This is a monorepo including code from Gray Hat C# by No Starch and some of my own research with it.
CVE-2021-38647
Proof of Concept Exploit for CVE-2021-38647 (OMIGOD)
AzureAD-Attack-Defense
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.
Invoke-PSObfuscation
An in-depth approach to obfuscating the individual components of a PowerShell payload whether you're on Windows or Kali Linux.
CVE-2021-40444
CVE-2021-40444 PoC
LiquidSnake
LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript