This is your work, valued
SharpCollection. Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
2.9kTeamFiltration. TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
1.4kSharpDllProxy. Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading
916BetterSafetyKatz. Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into memory.
886NetLoader. Loads any C# binary in mem, patching AMSI + ETW.
850AMSI.fail. C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
451ObfuscatedSharpCollection. Attempt at Obfuscated version of SharpCollection
263SharpProxyLogon. C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection
249CobaltBus. Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus
248AzureC2Relay. AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Cobalt Strike Malleable C2 profile.
236Bobber. Bounces when a fish bites - Evilginx database monitoring with exfiltration automation
184DeployPrinterNightmare. C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!
180QRucible. Python utility that generates "imageless" QR codes in various formats
140SharpExfiltrate. Modular C# framework to exfiltrate loot over secure and trusted channels.
132DLLSideloader. PowerShell script to generate "proxy" counterparts to easily perform DLL Sideloading
131RosFuscator. YouTube/Livestream project for obfuscating C# source code using Roslyn
127SharpAppLocker. C# port of the Get-AppLockerPolicy PS cmdlet
99UAC-D-E-Rubber-Ducky. Python2 / BASH / VBS- UAC D&E Rubber Ducky
68HIDAAF. Python - Human Interface Device Android Attack Framework
46ADCSPwn. A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.
41HTB-HDBadgeGenerator. HackTheBox High Definition Badge Generator
29collector. Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.
19CobaltStuff.
14remote_wrapper. Extensible Mythic Wrapper that allows payload wrapping to occur on a remote host
11SimpleSourceProtector. Simple c# source code obfuscator
10Ethical-Hacking-101-Cheat-Sheet. Cheat Sheet High School Student
8yetAnotherObfuscator. C# obfuscator that bypass windows defender
7SearchOutlook. A C# tool to search through a running instance of Outlook for keywords
6SauronEye. Search tool to find specific files containing specific words, i.e. files containing passwords..
6statistically-likely-usernames. Wordlists for creating statistically likely username lists for use in password attacks and security testing
6DefaultCreds-cheat-sheet. One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
6BlackBox-0.1. The baddest box on the frequency
6WAMBam. Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post
6AntminerController. C# - Allows for easy changing of pools across multiple miners.
5ForgeCert. "Golden" certificates
5GhostBuild. GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects
5Hashcat-Cheatsheet. Hashcat Cheatsheet for OSCP
4SharpShares. Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
4SharpC2. Command and Control Framework written in C#.
4MimiFud.
4evilgophish. evilginx2 + gophish
4HandShaker. Detect, capture, crack WPA/2 handshakes, WEP Keys and geotag with Android GPS
3PayloadsAllTheThings. A list of useful payloads and bypass for Web Application Security and Pentest/CTF
3PoshC2. A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
3RemotePotato0. Just another "Won't Fix" Windows Privilege Escalation from User to Domain Admin.
3bashbunny-payloads. Payloads for the Hak5 Bash Bunny
3hate_crack. A tool for automating cracking methodologies through Hashcat from the TrustedSec team.
3Bloodhound-Custom-Queries. Custom Query list for the Bloodhound GUI based off my cheatsheet
2kerbrute. A tool to perform Kerberos pre-auth bruteforcing
2evilginx2. Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
2EWSToolkit. Abusing Exchange via EWS
2thanatos. Mythic C2 agent targeting Linux and Windows hosts written in Rust
2SharpStay. .NET project for installing Persistence
1SharpHound3. C# Data Collector for the BloodHound Project, Version 3
1TokenStomp. C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic
1