Stars
A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass
Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH
yep full list of virustotal machines, OG REPO
Basic interactive Windows kernel offensive toolkit written in C
Audits an AppLocker policy XML and reports weak/misconfigured/risky settings, including actual ACL checks.
A living guide to lesser-known and evasive Windows API abuses used in malware, with practical reverse engineering notes, YARA detections, and behavioral indicators.
Proof of Concepts code for Bring Your Own Vulnerable Driver techniques
Demo of LoadLibrary function with C++ in Win32 API
Proof of concept code for split processing EDR evasion.
Generate AES128/256 Kerberos keys for an AD account using a plaintext password and Python3
WindowTextExtractor allows you to get a text from any window of an operating system including asterisk passwords
Convert your shellcode into an ASCII string
Captures screenshots from a password-protected RTSP stream at regular intervals. This is perfect for collecting a series of images over time to create a timelapse video.
Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel
This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret gadget can be used for stealthy code injection.
YouTube as C2 channel - Control Windows systems by uploading QR videos to YouTube
Python3 script that automates the tedious tasks of a penetration tester
zimedev / certipy-merged
Forked from ly4k/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
PowerHuntShares is an audit script designed to inventory, analyze, and report excessive privileges configured on Active Directory domains.
P/Invoke definitions from the most-of-the-time offline pinvoke.net. Website: https://ricardojoserf.gitbook.io/pinvoke
Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments
Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8