nickhakkz's starred repositories
MicrosoftWontFixList
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
UCantSeeM3
Hiding your process in ProcessHacker,Task Manager,etc by patching NtQuerySystemInformation
PortBender
TCP Port Redirection Utility
nopowershell
PowerShell rebuilt in C# for Red Teaming purposes
AADInternals
AADInternals PowerShell module for administering Azure AD and Office 365
OffensiveCSharp
Collection of Offensive C# Tooling
RemotePotato0
Windows Privilege Escalation from User to Domain Admin.
PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
cloud_enum
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
SysmonCommunityGuide
TrustedSec Sysinternals Sysmon Community Guide
ScareCrow-CobaltStrike
Cobalt Strike script for ScareCrow payloads intergration (EDR/AV evasion)
SharpExcelibur
Read Excel Spreadsheets (XLS/XLSX) using Cobalt Strike's Execute-Assembly
SharpSword
Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly
Beaconator
A beacon generator using Cobalt Strike and a variety of tools.
OffensiveNim
My experiments in weaponizing Nim (https://nim-lang.org/)
ADHuntTool
official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)
sysmon-modular
A repository of sysmon configuration modules
InlineExecute-Assembly
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module
SysWhispers
AV/EDR evasion via direct system calls.
Blue-Team-Notes
You didn't think I'd go and leave the blue team out, right?
unhook-bof
Remove API hooks from a Beacon process.
BeaconHunter
Detect and respond to Cobalt Strike beacons using ETW.