mmmmcoffee's repositories
Amsi-Killer
Lifetime AMSI bypass
AtomPePacker
A highly capable PE packer
bootlicker
A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.
C2-Tool-Collection
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
clroxide
A Rust library that allows you to host the CLR and execute dotnet binaries.
CodeCave
A bunch of scripts and code I wrote.
CS-Situational-Awareness-BOF
Situational Awareness commands implemented using Beacon Object Files
hashdb
Assortment of hashing algorithms used in malware
hw-call-stack
Use hardware breakpoints to spoof the call stack for both syscalls and API calls
libsodium
A modern, portable, easy to use crypto library.
libtomcrypt
LibTomCrypt is a fairly comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining modes, pseudo-random number generators, public key cryptography and a plethora of other routines.
misc
miscellaneous scripts and programs
msgpack-c
MessagePack implementation for C and C++ / msgpack.org[C/C++]
Mythic
A collaborative, multi-platform, red teaming framework
nanodump
The Swiss Army knife of LSASS dumping
NativeDump
Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)
Nimplant
DEPRECATED - A cross-platform implant written in Nim
NimPlant-1
A light-weight first-stage C2 implant written in Nim.
packer-tutorial
A tutorial on how to write a packer for Windows!
PEzor
Open-Source Shellcode & PE Packer
pyMalleableC2
Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.
ReverseSock5Proxy
A tiny Reverse Sock5 Proxy written in C :V
revsocks
Reverse SOCKS5 implementation in Go
ScreenshotBOF
An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot saved to disk as a file.
UACME
Defeating Windows User Account Control
zlib-ng
zlib replacement with optimizations for "next generation" systems.