Will Summerhill's starred repositories
flare-floss
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
CursedChrome
Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
Shhhloader
Syscall Shellcode Loader (Work in Progress)
CredMaster
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
TelemetrySourcerer
Enumerate and disable common sources of telemetry used by AV/EDR.
PortBender
TCP Port Redirection Utility
Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
Evilginx2-Phishlets
Evilginx3 Phishlets version (0.2.3 & above) Only For Testing/Learning Purposes
ThreadlessInject-BOF
BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.
NativeDump
Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)
COM-Hunter
COM Hijacking VOODOO
MutationGate
Use a hardware breakpoint to dynamically change the SSN at run time
CsWhispers
Source generator to add D/Invoke and indirect syscall methods to a C# project.
Cobalt-Strike-Profiles-for-EDR-Evasion
Cobalt Strike Profiles for EDR Evasion
Evasive-Loader
Evasive loader to bypass static detection