PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Covenant is a collaborative .NET C2 framework for red teamers.

Trying to tame the three-headed dog.

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

Network Analysis Tool

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

An open-source, free protector for .NET applications

PingCastle - Get Active Directory Security at 80% in 20% of the time

Open-Source Remote Administration Tool For Windows C# (RAT)

Identifies the bytes that Microsoft Defender flags on.

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

A set of .NET libraries for Windows implementing PInvoke calls to many native Windows APIs with supporting wrappers.

SharpSploit is a .NET post-exploitation library written in C#

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

PowerShell Runspace Post Exploitation Toolkit

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

Collection of Offensive C# Tooling

SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader

The Hunt for Malicious Strings

A method of bypassing EDR's active projection DLL's by preventing entry point exection

SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by…

Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.

Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands

Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into…

Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.

Loads any C# binary in mem, patching AMSI + ETW.

OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises.

PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments

C# Script used for Red Team