This is your work, valued

Tylous

Elite
@Tylous

SniffAir. A framework for wireless pentesting.

1.2k

SourcePoint. SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

1.2k

ZipExec. A unique technique to execute binaries from a password protected zip

1k

Limelighter. A tool for generating fake code signing certificates or signing real ones

974

FaceDancer. FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loading

442

ScareCrow. ScareCrow - Payload creation framework designed around EDR bypass.

374

Vibe. A framework for stealthy domain reconnaissance

303

Freeze.rs. Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST

196

Freeze. Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

133

Mangle. Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs

105

Auto_EAP. Automated Brute-Force Login Attacks Against EAP Networks.

58

Talon. A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.

46

Slides.

39

Ivy. Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.

24

GraphRunner. A Post-exploitation Toolset for Interacting with the Microsoft Graph API

16

Dent. A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.

15

File-Smuggling. HTML smuggling is not an evil, it can be useful

14

PackMyPayload. A PoC that packages payloads into output containersb to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX

9

build_a_phish. Ansible playbook to deploy a phishing engagement

7

SysWhispers3. SysWhispers on Steroids - AV/EDR evasion via direct system calls.

6

SharpAllTheThings. The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.

5

SharpCollection. Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

4

PECheck. A tool to verify and create PE Checksums for Portable Executable (PE) files.

4

rustdesk-hvnc. HVNC based on RustDesk

4

Scapy-com. Forked extended scapy version

4

InlineExecute-Assembly. InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module

3

cs-tools. cobalt strike tools

3

File-Tunnel. Tunnel TCP connections through a file

3

AzureAttackKit. Collection of Azure Tools to Pull down for Attacking an Env

3

spoolsystem. Print Spooler Named Pipe Impersonation for Cobalt Strike

3

PetitPotam. PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

2

EvilnoVNC. Ready to go Phishing Platform

2

Dockerfiles. My collection of dockerfiles

2

TREVORspray. TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

2

slurp. The original slurp source

1

evilginx2. Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

1

gofalcon. Golang-based SDK to CrowdStrike's APIs

1