xct's starred repositories
SysWhispers3
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
CS-Situational-Awareness-BOF
Situational Awareness commands implemented using Beacon Object Files
HiddenDesktop
HVNC for Cobalt Strike
TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
DavRelayUp
DavRelayUp - a universal no-fix local privilege escalation in domain-joined Windows workstations where LDAP signing is not enforced (the default settings).
KRBUACBypass
UAC Bypass By Abusing Kerberos Tickets
PassTheChallenge
Recovering NTLM hashes from Credential Guard
DInvoke_rs
Dynamically invoke arbitrary unmanaged code
CobaltWhispers
CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process injection, persistence and more, leveraging direct syscalls (SysWhispers2) to bypass EDR/AV
family-of-client-ids-research
Research into Undocumented Behavior of Azure AD Refresh Tokens
bloodhound-convert
Python-based BloodHound data converter from the legacy pre-4.1 format to the 4.1+ format