Will Summerhill's starred repositories
BloodHoundCustomQueries
My BloodHound custom queries
pyldapsearch
Tool for issuing manual LDAP queries which offers bofhound compatible output
Shellcode-Hide
This repo contains: simple shellcode loader, encoders (base64, custom, UUID, IPv4, MAC), encryptors (AES), fileless loader (WinHTTP, socket)
SharpWhispers
C# port of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.
Inline-Execute-PE
Execute unmanaged Windows executables in Cobalt Strike Beacons
CrossLinked
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
PassTheChallenge
Recovering NTLM hashes from Credential Guard
CheckPlease
Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.
FlavorTown
Various ways to execute shellcode
Shellcode-Injection-Techniques
A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this project up as I learn, discover or develop more techniques. Some techniques are better than others at bypassing AV.
RemotePatcher
Patch AMSI and ETW in remote process via direct syscall
SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
PackMyPayload
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
SysWhispers3
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
Awesome_Malware_Techniques
This is a repository of resources about malware techniques