Mariusz Banach's repositories
Penetration-Testing-Tools
A collection of 170+ tools, scripts, cheatsheets and other loot that I've developed over the years for Red Teaming/Pentesting/IT Security audit purposes.
cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
ThreadStackSpoofer
Thread Stack Spoofing - PoC for an advanced in-memory evasion technique that better hides injected shellcode's memory allocation from scanners and analysts.
ShellcodeFluctuation
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
PackMyPayload
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
ProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Features artifact watermarking, IOC collection & PE backdooring. You feed it your implant, it does a lot of sneaky things and spits out an obfuscated executable.
decode-spam-headers
A script that helps you understand why your E-Mail ended up in Spam
Stracciatella
OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
tomcatWarDeployer
Apache Tomcat auto WAR deployment & pwning penetration testing tool.
ElusiveMice
Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
SharpWebServer
Red Team oriented C# Simple HTTP & WebDAV Server with Net-NTLM hashes capture functionality
expdevBadChars
Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.
Exploit-Development-Tools
A bunch of my exploit development helper tools, collected in one place.
msi-shenanigans
Proof of Concept code and samples presenting the emerging threat of MSI installer files.
PE-library
Lightweight Portable Executable parsing library and a demo peParser application.
CustomXMLPart
A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
digitalocean-app-redirector
Reverse-HTTP Redirector via DigitalOcean Apps Platform
PowerUpSQL
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
DeathSleep
A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementing page protection changes during no execution.
forensicsim
A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and reactions from a Microsoft Teams IndexedDB LevelDB database.
sleep_python_bridge
This project is a 'bridge' between the sleep and python languages. It allows control of a Cobalt Strike teamserver through python without the need for the standard GUI client. NOTE: This project is very much in BETA. The goal is to provide a playground for testing and is in no way an officially supported feature. Perhaps this could be somethin