Lefteris Panos's starred repositories
SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
EDRSilencer
A tool that uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
No-Consolation
A BOF that runs unmanaged PEs inline
RemoteKrbRelay
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
Kerbeus-BOF
BOF for Kerberos abuse (an implementation of some important features of Rubeus).
NativeDump
Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)
LdrLockLiberator
For when DLLMain is the only way
SspiUacBypass
Bypassing UAC with SSPI Datagram Contexts
lsa-whisperer
Tools for interacting with authentication packages using their individual message protocols
EDRSandblast-GodFault
EDRSandblast-GodFault
perfect-loader
Load a dynamic library from memory by modifying the native Windows loader
themebleed
Proof-of-Concept for CVE-2023-38146 ("ThemeBleed")
windows-security-internals
A repository for additional files related to the book Windows Security Internals with PowerShell from No Starch Press.
SharpGraphView
Microsoft Graph API post-exploitation toolkit
BackupCreds
A C# implementation of dumping credentials from Windows Credential Manager
ludus_sccm
An Ansible collection that installs an SCCM deployment with optional configurations.