r3b3llion's repositories
AutoSmuggle
Utility to craft HTML or SVG smuggled files for Red Team engagements
BobTheSmuggler
"Bob the Smuggler": A tool that leverages the HTML Smuggling attack and allows you to create HTML files with embedded 7z/zip archives. The tool compresses your binary (EXE/DLL) into a 7z/zip archive, XOR-encrypts the archive, and then hides it inside a PNG/GIF image file (image polyglots).
Chimera
Automated DLL Sideloading Tool With EDR Evasion Capabilities
EDRSandblast-GodFault
EDRSandblast-GodFault
Evilginx3-Phishlets
This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3.
evilgophish
evilginx3 + gophish
File-Smuggling
HTML smuggling is not evil; it can be useful
FullBypass
A tool which bypasses AMSI (Antimalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to DM if you find any bugs :)
ICS-Security-Tools
Tools, tips, tricks, and more for exploring ICS Security.
impacketdacl
Impacket is a collection of Python classes for working with network protocols.
InflativeLoading
Dynamically convert a native EXE to PIC shellcode by prepending a shellcode stub
KaliSetupInternalPT
This is a script developed to install all tools needed for internal PT.
knowsmore
KnowsMore is a Swiss Army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).
KRBUACBypass
UAC Bypass By Abusing Kerberos Tickets
mortar
Evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
NimBlackout
Kill AV/EDR leveraging BYOVD attack
Offensive-OSINT-Tools
OffSec OSINT Pentest/RedTeam Tools
PoolParty
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
power-pwn
An offensive and defensive security toolset for Microsoft 365 Power Platform
PowerShell-AD-Script
PowerShell Scripts for Enumeration on AD and Local Hosts
PrivFu
Kernel mode WinDbg extension and PoCs for token privilege investigation.
ProcessInjection
This program is designed to demonstrate various process injection techniques
SharpKiller
Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8
ShellGhost
A memory-based evasion technique which makes shellcode invisible from process start to end.
TeamFiltrationBackup
This is a backup of the original TeamFiltration tool, which contains the create_fireprox_instances.sh files that are now removed
Villain
Villain is a C2 framework that can handle multiple TCP socket and HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities, etc.) and share them among connected sibling servers (Villain instances running on different machines).
WolfPack_c2redirector
WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.