Lefteris Panos's repositories
DPAPISnoop
A C# tool to output crackable DPAPI hashes from user MasterKeys
BackupCreds
A C# implementation of dumping credentials from Windows Credential Manager
EDRSandblast-GodFault
EDRSandblast-GodFault
AtlasReaper
A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.
AutoFunkt
Python script for automating the creation of serverless cloud redirectors from Cobalt Strike malleable C2 profiles
CobaltStrikeReflectiveLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities.
CreateRemoteThreadPlus
CreateRemoteThread: how to pass multiple parameters to the remote thread function without shellcode.
EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
evilginx3
sturdy-chainsaw
FlavorTown
Various ways to execute shellcode
hashview
A web front-end for password cracking and analytics
hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
JayFinder
Find DLLs with RWX section
Kraken
Kraken, a modular multi-language webshell coded by @secu_x11
MemFiles
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
Morphian
Morphian is a python3 tool designed to generate unique passwords by combining specific characteristics of the target. It focuses on providing the user with four wordlists containing possible passwords categorized into different strength levels based on their predictability.
OperatorsKit
Collection of Beacon Object Files (BOF) for Cobalt Strike
RToolZ
A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.
SentinelKQL
Azure Sentinel KQL
SharpHound4Cobalt
C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)
ShellcodePlayer
Versatile tool for configuring launchers for PIC blobs
SQL-BOF
Library of BOFs to interact with SQL servers
TeamsPhisher
Send phishing messages and attachments to Microsoft Teams users
ThreadlessInject
Threadless Process Injection using remote function hooking.
WhoxySD
Gather all root domains of an organization from Whoxy
wsMemShell
WebSocket memory shell/Webshell, a new type of memory shell/WebShell technique