This is your work, valued
Checklists. Red Teaming & Pentesting checklists for various engagements
2.7kDefault-Credentials. Default usernames and passwords for various systems (VoIP,IPMI,Oracle).
444Digital-Signature-Hijack. Binaries, PowerShell scripts and information about Digital Signature Hijacking.
227Pentest-Bookmarks. Database of websites for penetration testing
184AMSI-Provider. A fake AMSI Provider which can be used for persistence.
156GhostLoader. GhostLoader - AppDomainManager - Injection - 攻壳机动队
54CheatSheets. Commands to perform various activities related to penetration testing and red teaming
21iPurpleTeam. Frameworks, Methodologies, Detection Rules and Tooling for establishing a Purple Team program.
12Red-Teaming-Toolkit. A collection of open source and commercial tools that aid in red team operations.
11Social-Engineering-Payloads. Collection of generic social engineering payloads
11Red-Team-CheatSheets. The website version of CheatSheets
10Execute-CSharp-From-XSLT-TEST. XSLT
8ApplicationWhitelistBypassTechniques. A Catalog of Application Whitelisting Bypass Techniques
8Pentest-Scripts. Scripts that can be used in penetration testing engagements.
7awesome-sec-talks. A collected list of awesome security talks
7Credential-Dumping. This cheatsheet is aimed at the Red Teamers to help them understand the fundamentals of Credential Dumping (Sub Technique of Credential Access) with examples. There are multiple ways to perform the same tasks
6subTee-gits-backups. subTee gists code backups
5Red-Team-Infrastructure-Wiki. Wiki to collect Red Team infrastructure hardening resources
5Shellcode-Via-HTA. How To Execute Shellcode via HTA
5AD-control-paths. Active Directory Control Paths auditing and graphing tools
4lazykatz. Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software.
4netbiosX. Config files for my GitHub profile.
4StegoKatz. Mimikatz encoded into various files
4Aggressor-scripts. Aggressor scripts I've made for Cobalt Strike
4Checklists-Website. The website version for checklists project
4Interceptor. PowerShell HTTP(s) Intercepting Proxy
4DotNetToJScript. A tool to create a JScript file which loads a .NET v2 assembly from memory.
3PowerSploit. PowerSploit - A PowerShell Post-Exploitation Framework
3Evil. Executes Mixed .NET and Native DLL via regsvr32
3Sim. C# User Simulation
3RogueMMC. Execute Shellcode And Other Goodies From MMC
3MaliciousMacroGenerator. Malicious Macro Generator
3AllTheThings. Includes 5 Known Application Whitelisting/ Application Control Bypass Techniques in One File.
3nishang. Nishang - PowerShell for penetration testing and offensive security.
3hackerEnv. Shell
3RegistrationFreeCOM. Inject DLL Prototype using Microsoft.Windows.ACTCTX COM Object
3PoshRat. PowerShell Reverse HTTPs Shell
3gcat. A fully featured backdoor that uses Gmail as a C&C server
3windows-operating-system-archaeology. windows-operating-system-archaeology @Enigma0x3 @subTee
3EvilWMIProvider. Installs And Executes Shellcode
3Misc-PowerShell-Stuff. random powershell goodness
3HatDBG. Minimal WIN32 Debugger in powershell
2SCTPersistence. Create COM Objects backed by Scripts, not DLLs
2Utils. Execute Mimikatz In Memory - InstallUtil, Regsvcs, Regasm
2MimikatzLite. Minimal MimiKatz One Executable... All credits to Benjamin Delpy @gentilkiwi
2DerbyCon2016. Code Samples and Slides From DerbyCon 2016
2AppInitGlobalHooks-Mimikatz. Hide Mimikatz From Process Lists
1kernelpop. kernel privilege escalation enumeration and exploitation framework
1ClickOnceKatz. Execute Mimikatz Inside of ClickOnce Application
1