Topotam's repositories
Azure-Red-Team
Azure Security Resources and Notes
aad-sso-enum-brute-spray
POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln
Abusing_Weak_ACL_on_Certificate_Templates
Investigation about ACL abusing for Active Directory Certificate Services (AD CS)
artifact64
THIS REPO IS PART OF WHAT ORCA TOLD ME TO UPLOAD
BeaconEye
Hunts out CobaltStrike beacons and logs operator command output
cs2webconfig
Convert Cobalt Strike profiles to IIS web.config files
experiments
Expriments
ForgeCert
"Golden" certificates
GetWebDAVStatus
Determine if the WebClient Service (WebDAV) is running on a remote system
HandleKatz
PIC lsass dumper using cloned handles
PPLDump_BOF
A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
PR0CESS
some gadgets about windows process and ready to use :)
Presentations
Any presentation we've given at FortyNorth Security
Self_Deletion_BOF
BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs
SharpSystemTriggers
Collection of remote authentication triggers in C#
ShellcodeFluctuation
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
spawn
Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (ACG), BlockDll, and PPID spoofing.
ThreadStackSpoofer
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
TitanLdr
Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH
Toggle_Token_Privileges_BOF
Syscall BOF to arbitrarily add/detract process token privilege rights.
TripleS
Syscall Stub Stealer - Freshly steal Syscall stub straight from the disk
unDefender
Killing your preferred antimalware by abusing native symbolic links and NT paths.
WebclientServiceScanner
Python tool to Check running WebClient services on multiple targets based on @leechristensen