CheatSheets. Cheat sheets for various projects.
1.1kDAMP. The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
384PowerUp. This version of PowerUp is now unsupported. See https://github.com/Veil-Framework/PowerTools/tree/master/PowerUp for the most current version.
255ASREPRoast. Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.
210Misc-PowerShell. Misc. PowerShell scripts
120TrustVisualizer. Python script that takes new output from Get-DomainTrustMapping .csvs and outputs graphml. Based on DomainTrustExplorer.
102pylnker. This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.
80cortana. This is a pack of Cortana scripts commonly used on our pentests.
70ImpDump. This is a simple parser for/decrypter for Impacket's esentutl.py utility. It assists with decrypting hashes and hash histories from ntds.dit databases.
70EncryptedStore. Offensive Data Storage
61Arya. Arya is a simple obfuscator for .NET binaries.
37Invoke-ADDefense. Defensive-oriented Active Directory enumeration
23Malleable-C2-Profiles. Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use.
19NetRipper. NetRipper - Smart traffic sniffing for penetration testers
17PowerShellArsenal. A PowerShell Module Dedicated to Reverse Engineering
15red_team_tool_countermeasures. YARA
12SharpMove. .NET Project for performing Authenticated Remote Execution
12PowerSploit. PowerSploit - A PowerShell Post-Exploitation Framework
12WINspect. Powershell-based Windows Security Auditing Toolbox
10sparta. Network Infrastructure Penetration Testing Tool
10cortana-scripts. A collection of Cortana scripts that you may use with Armitage and Cobalt Strike.
9Powershellery. This repo contains Powershell scripts used for general hackery.
8Invoke-Obfuscation. PowerShell Obfuscator
82018. PowerShell Conference Europe 2018 Slides and Demo Scripts
8GhostLoader. GhostLoader - AppDomainManager - Injection - 攻壳机动队
8InlineExecute-Assembly. InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module
8PowerUpSQL. PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
8netview. Netview enumerates systems using WinAPI calls
7Ps-Tools. Ps-Tools, an advanced process monitoring toolkit for offensive operations
7PEzor. Open-Source PE Packer
7Invoke-AltDSBackdoor. PowerShell
7SharpSphere. .NET Project for Attacking vCenter
6Misc-PowerShell-Stuff. random powershell goodness
62016. PowerShell Conference EU 2016 Slides and Demo Scripts
6IndicatorOfCanary. Canary Detection
6cypher_validator. Simple Python validator for Cypher query syntax.
6ATPMiniDump. Evading WinDefender ATP credential-theft
6RdpThief. Extracting Clear Text Passwords from mstsc.exe using API Hooking.
6Recon-AD. Recon-AD, an AD recon tool based on ADSI and reflective DLL’s
5WMIReg. PoC to interact with local/remote registry hives through WMI
5Dumpert. LSASS memory dumper using direct system calls and API unhooking.
5Zipper. Zipper, a CobaltStrike file and folder compression utility.
5Inveigh. Inveigh is a Windows PowerShell LLMNR/NBNS spoofer with challenge/response capture over HTTP/SMB
5NBDServer. Network Block Device Server for windows with a DFIR/forensic focus.
5sRDI. Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
5PSReflect. Easily define in-memory enums, structs, and Win32 functions in PowerShell
4GetInjectedThreads. C# Implementation of Jared Atkinson's Get-InjectedThread.ps1
4BOF.NET. A .NET Runtime for Cobalt Strike's Beacon Object Files
2SharpClipboard. C# Clipboard Monitor
2slack.
1counterfit. a CLI that provides a generic automation layer for assessing the security of ML models
1