r3b3llion's repositories
AutoSmuggle
Utility to craft HTML or SVG smuggled files for Red Team engagements
BobTheSmuggler
"Bob the Smuggler": A tool that leverages the HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool compresses your binary (EXE/DLL) into 7z/zip file format, XOR encrypts the archive, and then hides it inside a PNG/GIF image file (Image Polyglots).
EDRSandblast-GodFault
EDRSandblast-GodFault
Evilginx3-Phishlets
This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3.
evilgophish
evilginx3 + gophish
File-Smuggling
HTML smuggling is not evil; it can be useful
frida-interception-and-unpinning
Frida scripts to directly MitM all HTTPS traffic from a target mobile application
FullBypass
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to DM if you find some bugs :)
ICS-Security-Tools
Tools, tips, tricks, and more for exploring ICS Security.
impacketdacl
Impacket is a collection of Python classes for working with network protocols.
InflativeLoading
Dynamically convert a native EXE to PIC shellcode by prepending a shellcode stub
KaliSetupInternalPT
This is a script developed to install all tools needed for internal PT.
knowsmore
KnowsMore is a Swiss Army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).
KRBUACBypass
UAC Bypass By Abusing Kerberos Tickets
mortar
Evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
NativeDump
Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)
NimBlackout
Kill AV/EDR leveraging BYOVD attack
Nimperiments
Various one-off pentesting projects written in Nim. Updates happen on a whim.
PoolParty
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
power-pwn
An offensive and defensive security toolset for Microsoft 365 Power Platform
PowerShell-AD-Script
PowerShell Scripts for Enumeration on AD and Local Hosts
PrivFu
Kernel mode WinDbg extension and PoCs for token privilege investigation.
ProcessInjection
This program is designed to demonstrate various process injection techniques
SharpKiller
Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8
ShellGhost
A memory-based evasion technique which makes shellcode invisible from process start to end.
TeamFiltrationBackup
This is a backup of the original TeamFiltration tool, which contains the create_fireprox_instances.sh files, which are now removed
WolfPack_c2redirector
WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.