shogunlab

awesome-hyper-v-exploitation

A curated list of Hyper-V exploitation resources, fuzzing and vulnerability research.

building-c2-implants-in-cpp

The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).

shuriken

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

Mochi

Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.

Sukoshi

Sukoshi is a proof-of-concept Python/C++ implant that leverages the MQTT protocol for C2 and uses AWS IoT Core as infrastructure.

Gitformant

OSINT tool for discovering confidential data leaked on Github.

ghidra_blog_binaries

Repository hosting binaries for the Ghidra blog posts at Shogun Lab.

teamserver-packer

Create an AMI with CobaltStrike and related tools.

cool-accounts

Terraform code to configure the accounts for the COOL.

cool-assessment-terraform

Terraform to deploy an assessment environment to the COOL

cool-images-assessment-images

Terraform code to create resources to provide storage and access for assessment images in the COOL.

cool-system

The Cloud Optimized Operational Lab (COOL) system

cpp_vs_payload_template

Visual Studio (C++) Solution Template for Payloads

FindETWProviderImage

Quickly search for references to a GUID in DLLs, EXEs, and drivers

guacamole-packer

Create machine images containing the Guacamole remote desktop gateway

pca-gophish-composition-packer

Create machine images that include cisagov/pca-gophish-composition

terraformer-packer

Create an AMI that can be used to deploy AWS resources via Terraform.

ccc

Companion Code for C++ Crash Course

cpp-implant

A simple implant showcasing modern C++

experiments

Expriments

HiddenDesktop

HVNC for Cobalt Strike

moonshine

Periscope

Recon-AD

Recon-AD, an AD recon tool based on ADSI and reflective DLL’s

VX-API

Collection of various malicious functionality to aid in malware development