Norway

Melvin L

Elite
@Flangvik

Red Team at TrustedSec

SharpCollection. Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

2.9k

TeamFiltration. TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

1.4k

SharpDllProxy. Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading

916

BetterSafetyKatz. Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into memory.

886

NetLoader. Loads any C# binary in mem, patching AMSI + ETW.

850

AMSI.fail. C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.

451

ObfuscatedSharpCollection. Attempt at Obfuscated version of SharpCollection

263

SharpProxyLogon. C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection

249

CobaltBus. Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus

248

AzureC2Relay. AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Cobalt Strike Malleable C2 profile.

236

Bobber. Bounces when a fish bites - Evilginx database monitoring with exfiltration automation

184

DeployPrinterNightmare. C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!

180

QRucible. Python utility that generates "imageless" QR codes in various formats

140

SharpExfiltrate. Modular C# framework to exfiltrate loot over secure and trusted channels.

132

DLLSideloader. PowerShell script to generate "proxy" counterparts to easily perform DLL Sideloading

131

RosFuscator. YouTube/Livestream project for obfuscating C# source code using Roslyn

127

SharpAppLocker. C# port of the Get-AppLockerPolicy PS cmdlet

99

UAC-D-E-Rubber-Ducky. Python2 / BASH / VBS- UAC D&E Rubber Ducky

68

HIDAAF. Python - Human Interface Device Android Attack Framework

46

ADCSPwn. A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.

41

HTB-HDBadgeGenerator. HackTheBox High Definition Badge Generator

29

collector. Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.

19

CobaltStuff.

14

remote_wrapper. Extensible Mythic Wrapper that allows payload wrapping to occur on a remote host

11

SimpleSourceProtector. Simple c# source code obfuscator

10

Ethical-Hacking-101-Cheat-Sheet. Cheat Sheet High School Student

8

yetAnotherObfuscator. C# obfuscator that bypass windows defender

7

SearchOutlook. A C# tool to search through a running instance of Outlook for keywords

6

SauronEye. Search tool to find specific files containing specific words, i.e. files containing passwords..

6

statistically-likely-usernames. Wordlists for creating statistically likely username lists for use in password attacks and security testing

6

DefaultCreds-cheat-sheet. One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

6

BlackBox-0.1. The baddest box on the frequency

6

WAMBam. Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post

6

AntminerController. C# - Allows for easy changing of pools across multiple miners.

5

ForgeCert. "Golden" certificates

5

GhostBuild. GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects

5

Hashcat-Cheatsheet. Hashcat Cheatsheet for OSCP

4

SharpShares. Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain

4

SharpC2. Command and Control Framework written in C#.

4

MimiFud.

4

evilgophish. evilginx2 + gophish

4

HandShaker. Detect, capture, crack WPA/2 handshakes, WEP Keys and geotag with Android GPS

3

PayloadsAllTheThings. A list of useful payloads and bypass for Web Application Security and Pentest/CTF

3

PoshC2. A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

3

RemotePotato0. Just another "Won't Fix" Windows Privilege Escalation from User to Domain Admin.

3

bashbunny-payloads. Payloads for the Hak5 Bash Bunny

3

hate_crack. A tool for automating cracking methodologies through Hashcat from the TrustedSec team.

3

Bloodhound-Custom-Queries. Custom Query list for the Bloodhound GUI based off my cheatsheet

2

kerbrute. A tool to perform Kerberos pre-auth bruteforcing

2

evilginx2. Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

2

EWSToolkit. Abusing Exchange via EWS

2

thanatos. Mythic C2 agent targeting Linux and Windows hosts written in Rust

2

SharpStay. .NET project for installing Persistence

1

SharpHound3. C# Data Collector for the BloodHound Project, Version 3

1

TokenStomp. C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic

1
55
Apply