Tim MalcomVetter's repositories

Periscope

Fully Integrated Adversarial Operations Toolkit (C2, stagers, agents, ephemeral infrastructure, phishing engine, and automation)

Language: C# | License: NOASSERTION | Stargazers: 380 | Issues: 0 | Issues: 0

CSExec

An implementation of PSExec in C#

ManagedInjection

A proof of concept for dynamically loading .NET assemblies at runtime with only minimal pre-knowledge of a convention

Language: C# | Stargazers: 164 | Issues: 14 | Issues: 0

NamedPipes

A pattern for client/server communication over Named Pipes in C#

Language: C# | Stargazers: 96 | Issues: 7 | Issues: 0

UnstoppableService

A pattern for a self-installing Windows service in C# with the unstoppable attributes.

Language: C# | Stargazers: 66 | Issues: 5 | Issues: 0

fake-ransomware

A non-destructive, but ANNOYING ransomware lookalike for use with red team exercises.

Language: C# | Stargazers: 58 | Issues: 0 | Issues: 0

WMIProcessWatcher

An example pattern in C# for using WMI to monitor process creation and termination events.

Language: C# | Stargazers: 50 | Issues: 4 | Issues: 0
Language: C++ | Stargazers: 44 | Issues: 5 | Issues: 0

AntiDebug

PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern.

WidgetSender

Intentionally Vulnerable Demo App: .NET MVC, WCF, WebAPI, Web Forms

Language: C# | Stargazers: 22 | Issues: 2 | Issues: 0

WhoDis

An example pattern in C# for watching security events (logon/logoff/privilege)

Language: C# | Stargazers: 19 | Issues: 3 | Issues: 0

BlueScreenOnExit

PoC of a protected process causing a blue screen if killed.

Language: C# | Stargazers: 16 | Issues: 2 | Issues: 0

CertCheck

Programmatically access a TLS certificate chain in C++ and C#

Language: C++ | Stargazers: 15 | Issues: 3 | Issues: 0

RunAs

An example in C# for programmatically calling UAC to escalate to admin

Language: C# | Stargazers: 15 | Issues: 3 | Issues: 0

DieHard

PoC: process watcher patterns to make killing a process hard.

Language: C# | Stargazers: 12 | Issues: 2 | Issues: 0

TLAD

The Totally Legit Authentication Dialog

Language: C# | Stargazers: 12 | Issues: 1 | Issues: 0

ProtectProcessFromJoeUser

PoC: Protecting Joe User from killing his own process.

CAPE

Malware Configuration And Payload Extraction

Language: Python | Stargazers: 2 | Issues: 1 | Issues: 0
Language: C++ | Stargazers: 2 | Issues: 2 | Issues: 0
Language: C++ | Stargazers: 2 | Issues: 2 | Issues: 0

dns

A DNS library written in C#

Language: C# | Stargazers: 1 | Issues: 1 | Issues: 0

HappySad

Sometimes you just need a Happy EXE and a Sad EXE

Language: C++ | Stargazers: 1 | Issues: 0 | Issues: 0
Language: C++ | Stargazers: 1 | Issues: 2 | Issues: 0

NetAPI

Example for how to call the NetAPI for local user/group management in Windows via C++

Language: C++ | Stargazers: 0 | Issues: 2 | Issues: 0

XOREncryption

XOR encryption implementations for several languages.

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0