Lefteris Panos's repositories
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
binjection
Injects additional machine instructions into various binary formats.
com-research
Research into COM
csharp
Various C# projects for offensive security
DetectionLabELK
DetectionLabELK is a fork from Chris Long's DetectionLab with ELK stack instead of Splunk.
GhostBuild
GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects
Koppeling
Adaptive DLL hijacking / dynamic export forwarding
Lockless
Lockless allows for the copying of locked files.
ohmybackup
Scan Victim Backup Directories & Backup Files
OxidBindings
Extract all IP addresses of a computer using DCOM without authentication (aka detect network used for administration)
PeFixup
PE File Blessing - To continue or not to continue
physmem2profit
Physmem2profit can be used to create a minidump of a target host's LSASS process by analysing physical memory remotely
ppdump-public
Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDump() Shellcode
RogueWinRM
Windows Local Privilege Escalation from Service Account to System
Rook
A tool to Terraform and automate password cracking on AWS.
RunasCs
RunasCs - Csharp and open version of Windows builtin runas.exe
Salsa-tools
Salsa Tools - ShellReverse TCP/UDP/ICMP/DNS/SSL/BINDTCP/Shellcode/SILENTTRINITY and AV bypass, AMSI patched
SauronEye
Search tool to find specific files containing specific words, i.e. files containing passwords.
scope_creep
Mass target enumeration
SharpClipHistory
SharpClipHistory is a .NET application written in C# that can be used to read the contents of a user's clipboard history in Windows 10 starting from the 1809 Build.
sharpwmi
sharpwmi is an RPC-based lateral movement tool with file upload and command execution capabilities.
sRDI
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
SyscallHide
Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.
virtual-reality
Stealthy backdoor for Windows operating systems
WeakestLink
Browser extension that extracts users from LinkedIn company pages
wmiServSessEnum
.NET tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems