nickhakkz's repositories
ExploitGSM
Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5
DefenderYara
Extracted Yara rules from Windows Defender mpavbase and mpasbase
EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
minbeacon
A work in progress of constructing a minimal http(s) beacon for Cobalt Strike.
sysmon-config
Sysmon configuration file template with default high-quality event tracing
invoker
Penetration testing utility and antivirus assessment tool.
cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
Ps-Tools
Ps-Tools, an advanced process monitoring toolkit for offensive operations
CobaltStrike-BOF
Collection of beacon BOFs written to learn Windows and Cobalt Strike
SharpRDPHijack
A POC Remote Desktop (RDP) session hijack utility for disconnected sessions
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
sentinel-attack
Repository of sentinel alerts and hunting queries leveraging sysmon and the MITRE ATT&CK framework
SharpeningCobaltStrike
Real-time v35/40 dotnet compiler for your Linux Cobalt Strike C2. A freshly compiled and obfuscated binary for each use
RedELK
Red Team's SIEM - tool for Red Teams used for tracking and alerting on Blue Team activities, as well as better usability in long-term operations.
CVE-2020-0668
Use CVE-2020-0668 to perform an arbitrary privileged file move operation.
BloodHound
Six Degrees of Domain Admin
SharpAllTheThings
The idea is to collect all the Sharp{Word} C# projects that can be used in Cobalt Strike via the execute-assembly command.
thc-tips-tricks-hacks-cheat-sheet
Various tips & tricks
SharpCookieMonster
Extracts cookies from Chrome.
CrossC2
Generate Cobalt Strike's cross-platform payload
SharpRDP
Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
Zipper
Zipper, a CobaltStrike file and folder compression utility.
cve-2019-19782
This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.
PoisonHandler
Lateral movement techniques that can be used during red team exercises
CVE-2019-19781
Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ]
WMIReg
PoC to interact with local/remote registry hives through WMI