Protection against HTML smuggling attempts.

Port of Cobalt Strike's Process Inject Kit

C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.

Tool to extract username and password of current user from PanGPA in plaintext

This repo contains some Amsi Bypass methods i found on different Blog Posts.

A pure PowerShell solution for Entra OAuth authentication, enabling easy retrieval of access and refresh tokens

Embed a payload inside a PNG file

A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry…

A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders implemented by C2 beacons) or other problematic executables tha…

Extract and execute a PE embedded within a PNG file using an LNK file.

SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

Run PowerShell with rundll32. Bypass software restrictions.

Security Remediation Guides

AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO

A Python POC for CRED1 over SOCKS5

PoCs of RCEs against open source C2 servers

Also known by Microsoft as Knifecoat 🌶️

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

Lab used for workshop and CTF

A curated list wordlists for bruteforcing and fuzzing

A set of GitHub actions for checking your projects for vulnerabilities

.NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins.

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

.NET assembly loader with patchless AMSI and ETW bypass

reverse engineered and improved BSQLi script from Coffinxp

Automated tool for domains & subdomains gathering

SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the process of constructing and utilizing structures, assigning varia…

GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.