This is your work, valued
Sherlock. PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.
2kWatson. Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
1.7kThreatCheck. Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.
1.5kTikiTorch. Process Injection
768SharpC2. Command and Control Framework written in C#
433AmsiScanBufferBypass. Bypass AMSI by patching AmsiScanBuffer
283OST-C2-Spec. Open Source C&C Specification
281MiscTools. Miscellaneous Tools
270Crystal-Loaders. A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike
232CsWhispers. Source generator to add D/Invoke and indirect syscall methods to a C# project.
194process-inject-kit. Port of Cobalt Strike's Process Inject Kit
193Aggressor-Script. Collection of Aggressor Scripts for Cobalt Strike
172DInvoke. Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.
171EWSToolkit. Abusing Exchange via EWS
153PPEnum. Simple BOF to read the protection level of a process
123SpawnWith. C++
112RuralBishop. D/Invoke port of UrbanBishop
108SCMUACBypass. C++
106ExternalC2.NET. .NET implementation of Cobalt Strike's External C2 Spec
89GadgetHunter. Find jmp gadgets for call stack spoofing.
84Fork-n-Run. C#
73MinHook.NET. A C# port of the MinHook API hooking library
55CollectorService. C#
54Rosplant. C#
53AsyncNamedPipes. Send and receive messages over Named Pipes asynchronously.
39pwnlift. Easy peasy file uploads
37KerbApp. HTML
32Invoke-LoginPrompt. Invokes a Windows Security Login Prompt and outputs the clear text password.
25SQL-BOF. Library of BOFs to interact with SQL servers
23AsyncSockets. Example of async client/server sockets in .NET 5
17PacketAlchemy. Playing with packets in C#
15Mjolnir. Shell
14offensive-defence. HTML
14AMSITrigger. The Hunt for Malicious Strings
13Covenant. Covenant is a collaborative .NET C2 framework for red teamers.
13OffensiveCSharp. Collection of Offensive C# Tooling
13SharpRDP. Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
12McAfeeForOutlook. Beef hook OWA / Outlook
12EncryptedKeyExchange. C#
11EDD. Enumerate Domain Data
10CobaltStrike_OpenBeacon. Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for security professionals and enthusiasts.
10SharpSploit. SharpSploit is a .NET post-exploitation library written in C#
8CVE-2018-19320. Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)
7BOF-PE. An example reference design for a proposed BOF PE
6KaynLdr. KaynLdr is a Reflective Loader written in C/ASM
6SQLRecon. A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
5rust_syscalls. Single stub direct and indirect syscalling with runtime SSN resolving for windows.
5Titanis. Windows protocol library, including SMB and RPC implementations, among others.
5Rubeus. Trying to tame the three-headed dog.
4InlineExecute-Assembly. InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module
4CVE-2021-44228-Apache-Log4j-Rce. Apache Log4j 远程代码执行
4SharpC2-Docs. Python
4FindFrontableDomains. Search for potential frontable domains
4CoreSploit. Initial Commit of Coresploit
4rastamouse.me. HTML
3KaynStrike. URDL for CS
3