-
donut Public
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
-
RpcProxyInvoke Public
Forked from klezVirus/RpcProxyInvoke
Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
-
MemProcFS Public
Forked from ufrisk/MemProcFS
MemProcFS (fork that allows reading dumps of the lsass process)
-
beercode Public
Free beerware-quality code in exchange for beer money (if you are so inclined). ;-)
-
NativeDump Public
Forked from ricardojoserf/NativeDump
Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)
-
LetMeowIn Public
Forked from Meowmycks/LetMeowIn
A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
-
angryorchard-original Public
Forked from odzhan/angryorchard-original
Original proof of concept I submitted to brokers demonstrating the vulnerability in hopes of getting rid of it.
-
LEOPARDSEAL Public
Forked from zimnyaa/LEOPARDSEAL
A simple Linux in-memory .so loader
-
TheWover.github.io Public
Forked from barryclark/jekyll-now
Blog. Watch the repo to subscribe
-
compound-actions Public
Compound Actions align with MITRE ATT&CK TTPs at the procedure level.
-
DInvoke Public
Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.
-
community-threats Public
Forked from 3453-315h/community-threats
The largest, public library of adversary emulation plans in JSON. A place to share custom SCYTHE threats with the community. #ThreatThursday
-
community-modules Public
Forked from yoda66/community-modules
A place to share SCYTHE modules with the community.
-
DotNetInjections Public
Loading Assemblies Into Processes, the All Natural Organic way
-
DynamicWrapperDotNet Public
Forked from BackupHouse/DynamicWrapperDotNet
Dynamically Loads Assembly and Calls Methods from JScript
-
KrbRelayUp Public
Forked from Dec0ne/KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings).
-
JNDI-Exploit-Kit Public
Forked from pimps/JNDI-Exploit-Kit
JNDI-Exploitation-Kit (A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps v…
-
CertStealer Public
A .NET tool for exporting and importing certificates without touching disk.
-
AllTheThingsExec Public
Forked from kafkaesqu3/AllTheThingsExec
Executes Blended Managed/Unmanaged Exports
-
StandIn Public
Forked from FuzzySecurity/StandIn
StandIn is a small .NET35/45 AD post-exploitation toolkit
-
TelemetrySourcerer Public
Forked from jthuraisamy/TelemetrySourcerer
Enumerate and disable common sources of telemetry used by AV/EDR.
-
endgame Public
Forked from DavidDikker/endgame
An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈
-
red_team_tool_countermeasures Public
Forked from mandiant/red_team_tool_countermeasures
-
SharpSploit Public
Forked from cobbr/SharpSploit
SharpSploit is a .NET post-exploitation library written in C#
-
herpaderping Public
Forked from jxy-s/herpaderping
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
-
masm_shc Public
Forked from hasherezade/masm_shc
A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.
-
SharpKatz Public
Forked from b4rtik/SharpKatz
Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
-
Koppeling Public
Forked from monoxgas/Koppeling
Adaptive DLL hijacking / dynamic export forwarding
-
DLLHijackTest Public
Forked from slyd0g/DLLHijackTest
DLL and PowerShell script to assist with finding DLL hijacks