Stars
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository…
Binary and CrackMapExec module to impersonate tokens on a Windows machine
It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in…
Weaponizing privileged file write bugs with the PrintNotify service
Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Mi…
KrbRelayUp - a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings).
Reverse TCP shell in PowerShell for fun. Made in spring 2020 with inspiration from (and a few fixes to) samratashok/nishang Invoke-PowerShellTcp.ps1 and https://cyberwardog.blogspot.com/2016/08/pow…
Self-developed tools for Lateral Movement/Code Execution
Password spraying and bruteforcing tool for Active Directory Domain Services
A small POC to make Defender useless by removing its token privileges and lowering the token integrity
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
The VBScript Obfuscator written in VBScript
Stop Windows Defender using the Win32 API
Azure Security Resources and Notes
OpSec-safe PowerShell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
ricardojba / noPac
Forked from cube0x0/noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
Loads any C# binary in mem, patching AMSI + ETW.
Simple (relatively) things allowing you to dig a bit deeper than usual.
Remote Desktop entirely coded in PowerShell.
How to spoof the command line when spawning a new process from C#.
A Proof-Of-Concept for the CVE-2021-44228 vulnerability.