Powershell-coder
Follow
Stars
Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol
Tunneling Internet traffic over Whatsapp
MITM server for WebSocket protocol via DNS poisoning
A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…
Replace the .txt section of the current loaded modules from \KnownDlls\ to bypass edrs
.NET assembly local/remote loading/injection into memory.
rasta-mouse / MinHook.NET
Forked from CCob/MinHook.NETA C# port of the MinHook API hooking library
Detecting Windows x86 API hooking and modification for analysis purposes
Sandman is a NTP based backdoor for red team engagements in hardened networks.
Chrome Keylogger Extension | Post Exploitation Tool
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditiona…
HardeningKitty and Windows Hardening Settings
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
PoC Windows Usermode Rootkit made in C# and C++, made to show you how to protect your process using hooking.
A tool to make socks connections through HTTP agents
GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.