This is your work, valued
SniffAir. A framework for wireless pentesting.
1.2kSourcePoint. SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
1.2kZipExec. A unique technique to execute binaries from a password protected zip
1kLimelighter. A tool for generating fake code signing certificates or signing real ones
974FaceDancer. FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loading
442ScareCrow. ScareCrow - Payload creation framework designed around EDR bypass.
374Vibe. A framework for stealthy domain reconnaissance
303Freeze.rs. Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST
196Freeze. Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
133Mangle. Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
105Auto_EAP. Automated Brute-Force Login Attacks Against EAP Networks.
58Talon. A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.
46Slides.
39Ivy. Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
24GraphRunner. A Post-exploitation Toolset for Interacting with the Microsoft Graph API
16Dent. A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
15File-Smuggling. HTML smuggling is not an evil, it can be useful
14PackMyPayload. A PoC that packages payloads into output containersb to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
9build_a_phish. Ansible playbook to deploy a phishing engagement
7SysWhispers3. SysWhispers on Steroids - AV/EDR evasion via direct system calls.
6SharpAllTheThings. The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.
5SharpCollection. Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
4PECheck. A tool to verify and create PE Checksums for Portable Executable (PE) files.
4rustdesk-hvnc. HVNC based on RustDesk
4Scapy-com. Forked extended scapy version
4InlineExecute-Assembly. InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module
3cs-tools. cobalt strike tools
3File-Tunnel. Tunnel TCP connections through a file
3AzureAttackKit. Collection of Azure Tools to Pull down for Attacking an Env
3spoolsystem. Print Spooler Named Pipe Impersonation for Cobalt Strike
3PetitPotam. PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
2EvilnoVNC. Ready to go Phishing Platform
2Dockerfiles. My collection of dockerfiles
2TREVORspray. TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
2slurp. The original slurp source
1evilginx2. Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
1gofalcon. Golang-based SDK to CrowdStrike's APIs
1