Rob Williams's repositories
BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
DotNetToJScript
A tool to create a JScript file which loads a .NET v2 assembly from memory.
EDR-Testing-Script
Test the accuracy of Endpoint Detection and Response (EDR) software with a simple script that executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
injdrv
Proof-of-concept Windows driver for injecting a DLL into user-mode processes using APC
InlineExecute-Assembly
InlineExecute-Assembly is a proof-of-concept Beacon Object File (BOF) that allows security professionals to perform in-process .NET assembly execution as an alternative to Cobalt Strike's traditional fork and run execute-assembly module
InvisibilityCloak
Proof-of-concept obfuscation toolkit for C# post-exploitation tools
osquery-attck
Mapping the MITRE ATT&CK Matrix with Osquery
Red_Team
Some scripts useful for red team activities
vulnerable-AD
Create a vulnerable Active Directory that allows you to test most of the Active Directory attacks in a local lab