Beast code in Giters

Lefteris Panos's starred repositories

SourcePoint

SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

Language:Go1012 18 14

EDRSilencer

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

Language:CMIT985 13 9

No-Consolation

A BOF that runs unmanaged PEs inline

Language:CMIT469 5 2

SharpADWS

Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).

Language:C#423 6 2

EvilSln

A New Exploitation Technique for Visual Studio Projects

Language:C#421 8 3

RemoteKrbRelay

Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework

Language:C#413 3 1

Kerbeus-BOF

BOF for Kerberos abuse (an implementation of some important features of the Rubeus).

Language:C362 4 3

NativeDump

Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)

Language:C#347 4 1

LdrLockLiberator

For when DLLMain is the only way

Language:CMIT334 11 3

SspiUacBypass

Bypassing UAC with SSPI Datagram Contexts

Language:C++MIT330 4 6

Caro-Kann

Encrypted shellcode Injection to avoid Kernel triggered memory scans

Language:C323 5 4

POSTDump

Language:C#302 3 2

qengine

C++ 17 or higher control flow obfuscation library for windows binaries

Language:C++MIT277 8 3

lsa-whisperer

Tools for interacting with authentication packages using their individual message protocols

Language:C++MIT273 17 1

EDRSandblast-GodFault

Language:C239 3 2

IHxExec

Process injection alternative

Language:C++231 20

pwnginx

Pwn nginx - a nginx backdoor provides shell access, socks5 tunneling, http password sniffing.

Language:C226 130

perfect-loader

Load a dynamic library from memory by modifying the native Windows loader

Language:C++MIT201 30

themebleed

Proof-of-Concept for CVE-2023-38146 ("ThemeBleed")

Language:C#182 4 1

JonMon

Language:CMIT151 40

windows-security-internals

A repository for additional files related to the book Windows Security Internals with PowerShell from No Starch Press.

Language:PowerShellApache-2.0110 30

BOFRyptor

Language:Assembly108 50

SharpGraphView

Microsoft Graph API post-exploitation toolkit

Language:C#90 20

Aplos

Aplos an extremely simple fuzzer for Windows binaries.

Language:C++Apache-2.066 2 8

ShadowRDP

Language:CMIT56 10

BackupCreds

A C# implementation of dumping credentials from Windows Credential Manager

Language:C#BSD-3-Clause55 10

ludus_sccm

An Ansible collection that installs an SCCM deployment with optional configurations.

Language:PowerShellGPL-3.028 2 2

DayBird

Extension functionality for the NightHawk operator client

Language:C#26 20

silkwasm

HTML Smuggling with Web Assembly

Language:GoBSD-3-Clause15 20

wiressh

wiressh is a simple SSH client that allows connectivity via WireGuard

Language:GoMIT300