Mariusz Banach (mgeeky)

Company: Binary-Offensive

Location: Poland

Home Page: https://mgeeky.tech

Twitter: @mariuszbit

Mariusz Banach's repositories

Penetration-Testing-Tools

A collection of more than 170+ tools, scripts, cheatsheets and other loot that I've developed over the years for Red Teaming/Pentesting/IT Security audit purposes.

Language: PowerShell | License: MIT | Stargazers: 1688 | Issues: 63 | Issues: 5

cobalt-arsenal

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+

Language: PowerShell | License: MIT | Stargazers: 697 | Issues: 30 | Issues: 2

ThreadStackSpoofer

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

Language: C++ | License: MIT | Stargazers: 695 | Issues: 25 | Issues: 1

RedWarden

Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation

Language: Python | License: GPL-3.0 | Stargazers: 670 | Issues: 16 | Issues: 16

ShellcodeFluctuation

An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents

Language: C++ | License: MIT | Stargazers: 564 | Issues: 18 | Issues: 2

PackMyPayload

A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX

Language: Python | License: MIT | Stargazers: 493 | Issues: 11 | Issues: 3

Stracciatella

OpSec-safe PowerShell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup

Language: C# | License: GPL-3.0 | Stargazers: 386 | Issues: 13 | Issues: 8

ProtectMyTooling

Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.

Language: PowerShell | License: MIT | Stargazers: 375 | Issues: 11 | Issues: 1

tomcatWarDeployer

Apache Tomcat auto WAR deployment & pwning penetration testing tool.

Language: Python | License: GPL-3.0 | Stargazers: 356 | Issues: 16 | Issues: 12

UnhookMe

UnhookMe is a universal Windows API resolver & unhooker addressing the problem of invoking unmonitored system calls from within your Red Team's malware

Language: C++ | License: MIT | Stargazers: 300 | Issues: 9 | Issues: 1

decode-spam-headers

A script that helps you understand why your E-Mail ended up in Spam

Language: Python | License: MIT | Stargazers: 274 | Issues: 8 | Issues: 5

ElusiveMice

Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind

Language: C | License: MIT | Stargazers: 226 | Issues: 11 | Issues: 0

SharpWebServer

Red Team oriented C# Simple HTTP & WebDAV Server with Net-NTLM hashes capture functionality

Language: C# | License: GPL-3.0 | Stargazers: 222 | Issues: 10 | Issues: 0

AzureRT

AzureRT - A PowerShell module implementing various Azure Red Team tactics

Language: PowerShell | License: MIT | Stargazers: 199 | Issues: 7 | Issues: 0

expdevBadChars

Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.

Language: Python | License: GPL-3.0 | Stargazers: 179 | Issues: 7 | Issues: 3

RobustPentestMacro

This is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploitation techniques.

Language: VBScript | License: GPL-3.0 | Stargazers: 127 | Issues: 12 | Issues: 0

VisualBasicObfuscator

Visual Basic Code universal Obfuscator intended to be used during penetration testing assignments.

Language: Python | License: GPL-3.0 | Stargazers: 110 | Issues: 9 | Issues: 0

Exploit-Development-Tools

A bunch of my exploit development helper tools, collected in one place.

Language: Python | License: GPL-3.0 | Stargazers: 109 | Issues: 9 | Issues: 0

PE-library

Lightweight Portable Executable parsing library and a demo peParser application.

Language: C++ | License: MIT | Stargazers: 63 | Issues: 4 | Issues: 0

PhishingPost

PHP Script intended to be used during Phishing campaigns as a credentials collector linked to backdoored HTML <form> action parameter

Language: PHP | License: GPL-3.0 | Stargazers: 41 | Issues: 4 | Issues: 2

CustomXMLPart

A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.

Language: VBA | License: GPL-3.0 | Stargazers: 24 | Issues: 2 | Issues: 1

EvilClippy

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

Language: C# | Stargazers: 11 | Issues: 0 | Issues: 0

Phishious

An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers.

Language: JavaScript | Stargazers: 6 | Issues: 0 | Issues: 0
Language: C# | License: Apache-2.0 | Stargazers: 5 | Issues: 0 | Issues: 0

PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

Language: PowerShell | License: NOASSERTION | Stargazers: 3 | Issues: 0 | Issues: 0

forensicsim

A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and reactions from a Microsoft Teams IndexedDB LevelDB database.

Language: Python | License: MIT | Stargazers: 1 | Issues: 0 | Issues: 0

ScareCrow

ScareCrow - Payload creation framework designed around EDR bypass.

Language: Go | License: MIT | Stargazers: 1 | Issues: 0 | Issues: 0

Seatbelt

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

Language: C# | License: NOASSERTION | Stargazers: 0 | Issues: 0 | Issues: 0

SharpShooter

Payload Generation Framework

Language: Visual Basic | Stargazers: 0 | Issues: 0 | Issues: 0