zshell's starred repositories
HackBrowserData
Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).
PrintSpoofer
Abusing impersonation privileges through the "Printer Bug"
TripleCross
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
SweetPotato
Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
RoguePotato
Another Windows Local Privilege Escalation from Service Account to System
ProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.
OffensivePipeline
OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises.
JuicyPotatoNG
Another Windows Local Privilege Escalation from Service Account to System
PSPKIAudit
PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.
AheadLib-x86-x64
hijack dll Source Code Generator. support x86/x64
DragonCastle
A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
impersonate
A windows token impersonation tool
ContextMenuHijack
Execute a payload at each right click on a file/folder in the explorer menu for persistence
GenericPotato
Impersonating authentication over HTTP and/or named pipes.