Lefteris Panos's repositories

AQUARMOURY

My musings in C and offensive tooling

Language:CStargazers:1Issues:1Issues:0
Language:CStargazers:0Issues:0Issues:0

Certify

Active Directory certificate abuse.

Language:C#License:NOASSERTIONStargazers:0Issues:1Issues:0

cobalt-arsenal

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+

Language:PowerShellStargazers:0Issues:0Issues:0
Language:C++License:MITStargazers:0Issues:0Issues:0

concealed_position

Bring your own print driver privilige escalation tool

Language:C++License:BSD-3-ClauseStargazers:0Issues:1Issues:0

CS-BOFs

Collection of CobaltStrike beacon object files

Language:CStargazers:0Issues:1Issues:0

CVE-2021-1675-LPE

Local Privilege Escalation Edition for CVE-2021-1675

Language:CStargazers:0Issues:1Issues:0

dnstake

DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover

Language:GoLicense:MITStargazers:0Issues:0Issues:0

ElusiveMice

Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind

Language:CStargazers:0Issues:0Issues:0

evasion

Windows packer

Language:C++Stargazers:0Issues:0Issues:0

ImpulsiveDLLHijack

C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.

Language:C#Stargazers:0Issues:0Issues:0

injectAmsiBypass

Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.

Language:CStargazers:0Issues:1Issues:0

InlineExecute-Assembly

InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module

Language:CStargazers:0Issues:1Issues:0

LittleCorporal

LittleCorporal: A C# Automated Maldoc Generator

Language:C#Stargazers:0Issues:1Issues:0

MappingInjection_CSharp

MappingInjection via csharp

Language:C#Stargazers:0Issues:0Issues:0

Obfuscate

Guaranteed compile-time string literal obfuscation header-only library for C++14

Language:C++License:UnlicenseStargazers:0Issues:0Issues:0
Language:CStargazers:0Issues:1Issues:0

RedTeam-Tactics-and-Techniques

Red Teaming Tactics and Techniques

Language:PowerShellStargazers:0Issues:0Issues:0

rootOS

macOS Privilege Escalation Helper

Language:PythonLicense:MITStargazers:0Issues:0Issues:0

secinject

Section Mapping Process Injection (secinject): Cobalt Strike BOF

Stargazers:0Issues:0Issues:0

ServiceMove-BOF

New lateral movement technique by abusing Windows Perception Simulation Service to achieve DLL hijacking code execution.

Language:CStargazers:0Issues:0Issues:0

SharpBeacon

CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能

Language:C#Stargazers:0Issues:0Issues:0

SharpImpersonation

A User Impersonation tool - via Token or Shellcode injection

Language:C#License:BSD-3-ClauseStargazers:0Issues:1Issues:0

SharpLink

Create file system symbolic links from low privileged user accounts within PowerShell

Language:C#License:GPL-3.0Stargazers:0Issues:0Issues:0

SharpStrike

A Post exploitation tool written in C# uses either CIM or WMI to query remote systems.

Language:C#License:GPL-3.0Stargazers:0Issues:0Issues:0

SigFlip

SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.

Language:C#License:MITStargazers:0Issues:0Issues:0

TrustedPath-UACBypass-BOF

Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.exe" by using DCOM object.

Language:CStargazers:0Issues:0Issues:0

UserModeUnhooking

This project is created for research into antivirus evasion by unhooking.

Language:C++Stargazers:0Issues:0Issues:0

xlsKami

Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets

Language:C#License:Apache-2.0Stargazers:0Issues:1Issues:0