v4nyl's repositories
bloodyAD
BloodyAD is an Active Directory Privilege Escalation Framework
DLHell
Local & remote Windows DLL Proxying
EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
EDRSilencer
A tool that uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
entraspray
Password spraying tool for Microsoft Online accounts (Entra/Azure/O365)
git-rotate
Leveraging GitHub Actions to rotate IP addresses during password spraying attacks to bypass IP-Based blocking
GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
grimreaper
An improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedure Calls
Handly
Abuse leaked token handles.
keebcap
Win32 keylogger that supports all (non-IME) languages correctly
KExecDD
Admin to Kernel code execution using the KSecDD driver
Linux-Malware
This is a repo focusing on building Linux Malware.
lolcerts
A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors
Marble
The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.
misc
miscellaneous scripts and programs
Nidhogg
Nidhogg is an all-in-one, simple-to-use rootkit for red teams.
NidhoggCSharpApi
C# API for Nidhogg rootkit
No-Consolation
A BOF that runs unmanaged PEs inline
pendulum
Linux Sleep Obfuscation
proxybroker2
The New (auto rotate) Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS
RedTeamCCode
Red Team C code repo
Shhhloader
Syscall Shellcode Loader (Work in Progress)
Shoggoth
Shoggoth: Asmjit Based Polymorphic Encryptor
SignToolEx
Patching "signtool.exe" to accept expired certificates for code-signing.
thc-tips-tricks-hacks-cheat-sheet
Various tips & tricks
UAC-BOF-Bonanza
Collection of UAC Bypass Techniques Weaponized as BOFs
unKover
PoC Anti-Rootkit to uncover Windows Drivers/Rootkits mapped to Kernel Memory.