Stars
Protection against HTML smuggling attempts.
A custom implementation of GetProcAddress, often used in malware to evade detection by bypassing standard API resolution methods
Port of Cobalt Strike's Process Inject Kit
C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.
t3hbb / HTMLSmuggler
Forked from D00Movenok/HTMLSmuggler
✉️ HTML Smuggling generator & obfuscator for your Red Team operations
This repository is a compilation of all APT simulations that target many vital sectors, both private and governmental. The simulation includes written tools, C2 servers, backdoors, exploitation tech…
Tool to extract username and password of current user from PanGPA in plaintext
This repo contains some AMSI bypass methods I found on different blog posts.
A pure PowerShell solution for Entra OAuth authentication, enabling easy retrieval of access and refresh tokens
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry…
A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders implemented by C2 beacons) or other problematic executables tha…
Extract and execute a PE embedded within a PNG file using an LNK file.
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
Run PowerShell with rundll32. Bypass software restrictions.
Security Remediation Guides
AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses
A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
PoCs of RCEs against open source C2 servers
Also known by Microsoft as Knifecoat 🌶️
Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
Repository for information about 0-days exploited in-the-wild.
A curated list of wordlists for bruteforcing and fuzzing
A set of GitHub actions for checking your projects for vulnerabilities
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments…
.NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins.
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.