v4nyl's repositories
A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
AutoSmuggle
Utility to craft HTML or SVG smuggled files for Red Team engagements
Black-Angel-Rootkit
Black Angel is a Windows 11/10 x64 kernel mode rootkit. The rootkit can be loaded with DSE enabled while maintaining its full functionality.
BlackLotus-leak
BlackLotus UEFI Windows Bootkit
Blog-Lab
Source files for my posts
CaveCarver
CaveCarver - PE backdooring tool which utilizes and automates code cave technique
ClipboardHistoryThief
POC tool to extract all persistent clipboard history data from clipboard service process memory
CVE-2022-21894
baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability
daphne
Proof-of-Concept to evade auditd by tampering via ptrace
dcomhijack
Lateral Movement Using DCOM and DLL Hijacking
DropSpawn_BOF
CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
EDRSandblast-GodFault
EDRSandblast-GodFault
EntropyReducer
Reduce Entropy And Obfuscate Your Payload With Serialized Linked Lists
GeoWordlists
GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city.
GodPotato_CLR
A Custom CLR Assembly for MSSQL of the popular tool GodPotato
HiddenDesktop
HVNC for Cobalt Strike
Jormungandr
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
MagicSigner
Signtool for expired certificates
Malleable-CS-Profiles
A list of Python tools to help create an OPSEC-safe Cobalt Strike profile.
ProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.
RandomTSScripts
Collection of random RedTeam scripts.
rogue
A barebones template of 'rogue' aka a simple recon and agent deployment I built to communicate over ICMP. Well, without the ICMP code.
WMIExec
Set of Python scripts which perform different ways of command execution via the WMI protocol.
wmiexec-Pro
New generation of wmiexec.py
WSPCoerce
PoC to coerce authentication from Windows hosts using MS-WSP
zapper
Zaps arguments and environment from the process list