Travis Eminhizer's starred repositories
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
RedTeaming_CheatSheet
Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to keep it up-to-date.
cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
LOLDrivers
Living Off The Land Drivers
Cobalt-Strike-CheatSheet
Some notes and examples for Cobalt Strike's functionality
Windows-Local-Privilege-Escalation-Cookbook
Windows Local Privilege Escalation Cookbook
FilelessPELoader
Loading Remote AES Encrypted PE in memory, decrypting it and running it
Malleable-C2-Profiles
Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike https://www.cobaltstrike.com/.
NetNTLMtoSilverTicket
SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket
ThreadlessInject
Threadless Process Injection using remote function hooking.
SilentMoonwalk
PoC Implementation of a fully dynamic call stack spoofer
HWSyscalls
HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
PSByPassCLM
Bypass for PowerShell Constrained Language Mode
Malleable-CS-Profiles
A list of Python tools to help create an OPSEC-safe Cobalt Strike profile.
Malleable-C2-Profiles
Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.
CallStackMasker
A PoC implementation for dynamically masking call stacks with timers.
Windows-Penetration-Testing
Technical notes, AD pentest methodology, list of tools, scripts and Windows commands that I find useful during internal penetration tests and assumed breach exercises (red teaming)
KillDefenderBOF
Beacon Object File PoC implementation of KillDefender
injectEtwBypass
CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)