This is your work, valued
Mythic. A collaborative, multi-platform, red teaming framework
4.6koffensive_macos. Tracking of offensive macOS tooling, blogs, and related helpful information
194bifrost. Objective-C library and console to interact with Heimdal APIs for macOS Kerberos
158Orchard. JavaScript for Automation (JXA) tool to do Active Directory enumeration.
107LockSmith. ObjectiveC CLI tool for interacting with macOS Keychain
85HealthInspector. JXA situational awareness helper by simply reading specific files on a filesystem
82macos_execute_from_memory. PoC of macho loading from memory
57dylibHijackScanner. Objective C dylibHijackScanner and analysis tool
42KeytabParser. Python script to parse Keytab files for macOS or *nix (typically /etc/krb5.keytab)
41awesome-osx-command-line. Use your OS X terminal shell to do awesome things.
21macos-popups. Catalog Red Team techniques that cause popups in various macOS versions
16loginItemManipulator. Objective-C
15macOSCameraCapture. Simple CLI utility to save off an image from every webcam hooked into a mac
14Red-Teaming-Toolkit. A collection of open source and commercial tools that aid in red team operations.
13CursedChrome. Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
7smbdoor. Windows kernel backdoor via registering a malicious SMB handler
5ReflectiveLoader. A Reflective Loader for macOS
5build-your-own-x. 🤓 Build your own (insert technology here)
4p0wnedShell. PowerShell Runspace Post Exploitation Toolkit
4website. Personal blog on security
4Tokenvator. A tool to elevate privilege with Windows Tokens
3ClickOnceGenerator. Quick Malicious ClickOnceGenerator for Red Team
3Bella. A pure python, post-exploitation, data mining tool and remote administration tool for macOS.
3Empire. Empire is a PowerShell and Python post-exploitation agent.
3CodeExecutionOnWindows. A list of ways to execute code on Windows using legitimate Windows tools
3WheresMyImplant. C#
3Misc-Powershell-Scripts. Random Tools
3atomic-red-team. Small and highly portable detection tests.
3ProcessHider. Post-exploitation tool for hiding processes from monitoring applications
3overview. Overview stats for its-a-feature repositories
3DNSExfiltrator. Data exfiltration over DNS request covert channel
3koadic. Koadic C3 COM Command & Control - JScript RAT
3PSAttack. A portable console aimed at making pentesting with PowerShell a little easier.
2PoshC2. A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
2EvilOSX. A pure python, post-exploitation, RAT (Remote Administration Tool) for macOS / OSX.
2LOLBAS. Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
2nextnet. nextnet is a pivot point discovery tool written in Go.
2Invoke-PSImage. Embeds a PowerShell script in the pixels of a PNG file and generates a oneliner to execute
2DAMP. The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
2MailSniper. MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
2gcat. A PoC backdoor that uses Gmail as a C&C server
2mayhem. Runtime Process Manipulation
2Red-Baron. Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
2TCC-ClickJacking. A proof of concept for a clickjacking attack on macOS.
2Infosec_Reference. An Information Security Reference That Doesn't Suck
2Internal-Monologue. Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
2RottenPotatoNG. New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.
2DotNetToJScript. A tool to create a JScript file which loads a .NET v2 assembly from memory.
1gscript. Scriptable dynamic runtime execution of malware
1monkey. Infection Monkey - An automated pentest tool
1PrintTCCdb. JXA script for Mythic that prints the TCC.db
1aquatone. A Tool for Domain Flyovers
1rev-proxy-grapher. Reverse proxy grapher
1Grouper. A PowerShell script for helping to find vulnerable settings in AD Group Policy.
1sRDI. Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
1electroniz3r. Take over macOS Electron apps' TCC permissions
1