two06

Inception

Provides In-memory compilation and reflective loading of C# apps for AV evasion.

AMSI_Handler

Automate AV evasion by calling AMSI

SharpShot

Capture screenshots from .NET using .NET methods or Windows API calls

FridaInject

Inject Frida-Gadget into a local process

SharpStick

EvtMute

Apply a filter to the events being reported by windows event logging

FridaSharp

sitrep

SSRS

devops-toolchain-docker

docker file for Ansible

DNSBitFlip

PlatformBrowser

This package allows you to retrieve the web browsers installed on the system.

PythonScripts

Python Scripts

bof-registry

Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry

DeserializationDemo

dll-proxy-generator

Creates a proxy dll which sits between the game and original dll

InlineIL.Fody

Inject arbitrary IL code at compile time.

nanodump

The swiss army knife of LSASS dumping

perfview

PerfView is a CPU and memory performance-analysis tool

PowerShellScripts

Repo containing powershell scripts

SharpDllProxy

Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading

SharpSecDump

.Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py

ShellcodeWrapper

Shellcode wrapper with encryption for multiple target languages

spring-rce-poc

SysWhispers

AV/EDR evasion via direct system calls.

two06.github.io

vncdll

Stand-alone VNC server compiled as a Reflective DLL