Loading BOF & ShellCode without executable permission memory.

Boomerang is a tool to expose multiple internal servers to web/cloud. Agent & Server are pretty stable and can be used in Red Team for Multiple levels of Pivoting and exposing multiple internal ser…

Generic PE loader for fast prototyping evasion techniques

Fileless atexec, no more need for port 445

A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry…

Evilginx Phishing Infrastructure Setup Guide - Securing Evilginx and Gophish Infrastructure, Removing IOCs, Phishing TTPs

🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust

🦀 | RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.

Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments

This repository contains my complete resources and coding practices for malware development using Rust 🦀.

Generate FUD backdoors

The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS…

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Real fucking shellcode encryptor & obfuscator tool

Windows Local Privilege Escalation Cookbook

Sliver agents for Mythic

Dumping DPAPI credz remotely

Various one-off pentesting projects written in Nim. Updates happen on a whim.

A red team tool that assists into extracting/dumping master credentials and/or entries from different password managers.

Sample Rust Hooking Engine

Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)

Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

A beacon object file implementation of PoolParty Process Injection Technique.

Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services and each service binaries metadata, inst…

MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.

An evolving how-to guide for securing a Linux server.