This is your work, valued

Error: Unable to resolve

Marcello

Elite
@byt3bl33d3r

T H I C C M A L W A R E

CrackMapExec. A swiss army knife for pentesting networks

9.2k

MITMf. Framework for Man-In-The-Middle attacks

3.6k

OffensiveNim. My experiments in weaponizing Nim (https://nim-lang.org/)

3.1k

SILENTTRINITY. An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

2.3k

DeathStar. Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.

1.6k

SprayingToolkit. Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

1.6k

gcat. A PoC backdoor that uses Gmail as a C&C server

1.4k

ItWasAllADream. A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE

801

WitnessMe. Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

763

pth-toolkit. Modified version of the passing-the-hash tool collection made to work straight out of the box

617

OffensiveDLR. Toolbox containing research notes & PoC code for weaponizing .NET's DLR

528

Red-Baron. Automate creating resilient, disposable, secure and agile infrastructure for Red Teams

386

SpamChannel. Spoof emails from any of the +2 Million domains using MailChannels (DEFCON 31 Talk)

347

chrome-decrypter. Python script to decrypt saved Chrome usernames and passwords on windows

288

pyMalleableC2. Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.

288

arpspoof. Python clone of arpspoof that can poison hosts via arp-requests as well as arp-replies

199

sslstrip2. A mirror of the original SSLstrip+ code by Leonardo Nve

184

dnschef-ng. DNSChef (NG) - DNS proxy for Penetration Testers and Malware Analysts

175

NimDllSideload. DLL sideloading/proxying with Nim!

175

AnsiblePlaybooks. A collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools

165

duckhunter. Converts a USB Rubber ducky script into a Kali Nethunter friendly format for the HID attack

149

Slides. Slides from various talks that I've given over the years

118

DHCPShock. Spoofs a DHCP server and exploits all clients vulnerable to the 'ShellShock' bug

86

BOF-Nim. Cobalt Strike BOF Files with Nim!

85

BeEF-API. Python library that facilitates interfacing with BeEF via it's RESTful API

79

webview_d3. Generate graphs with NetworkX, natively visualize with D3.js and pywebview

71

Naga. A C# stager for SILENTTRINITY (https://github.com/byt3bl33d3r/SILENTTRINITY)

68

Invoke-AutoIt. Loads the AutoIt DLL and PowerShell assemblies into memory and executes the specified keystrokes

62

wifi-graper. Automatically get internetz from access points that have MAC based filtering enabled

57

CME-PowerShell-Scripts. A collection of modifed PowerShell Scripts for CrackMapExec (https://github.com/byt3bl33d3r/CrackMapExec)

56

toby. Recursively searches a directory for any file containing a specified string

47

smbmap. SMBMap is a handy SMB enumeration tool

38

UhOh365. A script that can see if an email address is valid in Office365 (user/email enumeration). This does not perform any login attempts, is unthrottled, and is incredibly useful for social engineering assessments to find which emails exist and which don't.

33

MemeGenerator. Modern problems require modern solutions

32

pythoncookie. My Python Cookiecutter project template

32

gemini-web-navigator. Experiments with Google Gemini's Vision capabilities for LLM driven/aided web navigation and desktop manipulation

30

tailscalesd. Prometheus Service Discovery for Tailscale (Python Edition)

27

Utinni. An async Python client library for Empire's RESTful API

26

Kaliya. A cross-platform stager for SILENTTRINITY (https://github.com/byt3bl33d3r/SILENTTRINITY)

26

cmd2powershell. Converts a command to a base64 powershell compatible string

26

shellcode_retriever. Downloads shellcode over HTTP and executes in memory. Now with threading! Rejoice!

22

Awesome-Profile-README-templates. A collection of awesome readme templates to display on your profile

20

herpaderping. Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

20

BloodHound-Tools. Miscellaneous tools for BloodHound

19

Empire. Empire is a PowerShell and Python 3.x post-exploitation framework.

18

PowerSploit. PowerSploit - A PowerShell Post-Exploitation Framework

18

MITMf-opt-plugins. Optional plugins for MITMf

17

PrivExchange. Exchange your privileges for Domain Admin privs by abusing Exchange

17

Leek-LLM. Use a LLM to create the ultimate Leek AI for Leek Wars! 🥬

17

playwright-heap-snapshot. API and CLI tool to fetch and query Chome DevTools heap snapshots (Python & Playwright)

16

tmux-config. Tmux configuration, that supercharges your tmux to build cozy and cool terminal environment

14

msldap. LDAP library for auditing MS AD

13

dockerxxx. An 💦 orgasmic 💦 Python library for the Docker Engine API 🥵

13

log4j-scan. A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

13

ldapdomaindump. Active Directory information dumper via LDAP

13

jamaal-re-tools. Automatically exported from code.google.com/p/jamaal-re-tools

13

Seatbelt. Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

12