This is your work, valued
inceptor. Template-Driven AV/EDR Evasion Framework
1.8kSysWhispers3. SysWhispers on Steroids - AV/EDR evasion via direct system calls.
1.6kSilentMoonwalk. PoC Implementation of a fully dynamic call stack spoofer
971CVE-2021-40444. CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
827CheeseTools. Self-developed tools for Lateral Movement/Code Execution
724chameleon. PowerShell Script Obfuscator
604vortex. VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit
450DriverJack. Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
360CandyPotato. Pure C++, weaponized, fully automated implementation of RottenPotatoNG
313RAIWhateverTrigger. Local SYSTEM auth trigger for relaying - X
157SharpSelfDelete. C# implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs
150NimlineWhispers3. A tool for converting SysWhispers3 syscalls for use with Nim projects
146RpcProxyInvoke. Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
138klezVirus.github.io. CyberSec Blog
99SharpLdapRelayScan. C# Port of LdapRelayScan
95koppeling-p. Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
79evilginx-collection. Public repo of some woking evilginx phishlets
42obfuscator. ollvm, based on llvm-clang 5.0.2, 6.0.1, 7.0.1, 8.0, 9.0, 9.0.1
19DCKFinder. Dangling COM Keys Finder
17AIDA64DRIVER-EoP. AIDA64DRIVER Elevation of Privilege Vulnerability
17titanldr-ng. A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge years ago.
15LoGiC.NET. A more advanced free and open .NET obfuscator using dnlib.
10codegrepper. Pure python, self-contained, silly implementation of a SAST tool
9AsStrongAsFuck. A console obfuscator for .NET assemblies.
9deser-node. NodeJS Deserialization Payload Generator
8HWSyscalls. HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
8LdrLibraryEx. A small x64 library to load dll's into memory.
7msf-revhttp-gen. Little utility to facilitate Metasploit Reverse HTTP Payloads
7faceless. Faceless - Simple Tool for Text-File Anonymization
7mapt-run. Simple script to setup a local hosted network for Mobile Application Penetration Testing
6nmap-report. A simple tool that can be use to extract usful information from a nmap scan
6BOFRyptor. Assembly
6LazySign. Create fake certs for binaries using windows binaries and the power of bat files
5CryptoCheck. NIST-CAVS Extended - Encryption Auto Testing Toolkit
5nx_reporter. Rapid7 Nexpose template-based report generator
4overlord. Overlord - Red Teaming Infrastructure Automation
4angryorchard. A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022
4muts-opt-encoder. Independent implementation of the optimized SUB-Encoder
4XSStrike. Most advanced XSS scanner.
4deser-py. Python Deserialization Payload Generator
4klezVirus. Temporary unavailable...
4camanager. A simple CA management utility for generating certificates based on a local CA
3deser-ruby. Ruby Deserialization Payload Generator
3HandleKatz. PIC lsass dumper using cloned handles
3donut. Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
3ADCSPwnNG. A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.
3oldrivrs. some old drivers and misc crap from a while ago
2MalMemDetect. Detect strange memory regions and DLLs
2sam-the-admin. Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
2SylantStrike. Simple EDR implementation to demonstrate bypass
2trevorc2. TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.
2SharpHellsGate. C# Implementation of the Hell's Gate VX Technique
1GadgetToJScript. A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
1