SharpChromium. .NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins.
759SharpWeb. .NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.
539SharpShares. Enumerate all network shares in the current domain. Also, can resolve names to IP addresses.
302WireTap. .NET 4.0 Project to interact with video, audio and keyboard hardware.
219EventLogParser. Parse PowerShell and Security event logs for sensitive information.
128SharpLogger. Keylogger written in C#
125SharpSearch. Search files for extensions as well as text within.
122CSharpSetThreadContext. C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread
120cliProxy. Proxy Unix applications in the terminal
117ScatterBrain. Suite of Shellcode Running Utilities
1131PasswordSuite. Utilities to extract secrets from 1Password
109.NET-Profiler-DLL-Hijack. Implementation of the .NET Profiler DLL hijack in C#
99ProcessReimaging. Process reimaging proof of concept code
96KittyLitter. Credential Dumper
82macos_shell_memory. Execute MachO binaries in memory using CGo
80TSMSISrv_poc. C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll
63wlbsctrl_poc. C++ POC code for the wlbsctrl.dll hijack on IKEEXT
56SharpSC. Simple .NET assembly to interact with services.
43HookDetector. Playing with PE's and Building Structures by Hand
22SharpScreenshot. Dead simple C# project to take a screenshot.
20CSharpCreateThreadExample. C# code to run PIC using CreateThread
17librarian. Shared library loading application for Linux written in Go.
16spfwalker. Tool to walk SPF records for relevant domain names and Whois information.
16GitSecrets. Script to help enumerate and dig through Github and Github Enterprise installations.
15SharpEdge. C# Implementation of Get-VaultCredential
14gosharedlib. Shared library example to be loaded by the github.com/djhohnstein/librarian application
10ghidorah. Golang Brute Force Tool
9MailSniper. MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
8portscanner. Golang portscanning tool
5r77-rootkit. Ring 3 Rootkit DLL
5CPPWebClient. Web client to wrap GET and POST requests in C++
4essdp_fork. Fork of Evil SSDP from InitString. Adds base64 authentication, redirect urls and customizable realm options for internal phishing.
4self-morphing-csharp-binary. C# binary that mutates its own code, encrypts and obfuscates itself on runtime
4VaultBreaker. A toolset designed for attacks against common password managers.
4localGPT. Chat with your documents on your local device using GPT models. No data leaves your device and 100% private.
4polarbearrepo. C++
3ScheduleRunner. A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation
3SharpNeedle. Inject C# code into a running process
3PowerShell-Book-Labs. PowerShell labs from various books
2DerbyCon2019. Code & Slides For DerbyCon 2019
2all-MiniLM-L6-v2-tfjs. all-MiniLM-L6-v2-tfjs
2evilrdp. Python
2Priv2Admin. Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
2MSBuildAPICaller. MSBuild Without MSBuild.exe
2SCShell. Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
2Vuln-Server-Exploits. Exploits for Vuln Server (http://www.thegreycorner.com/2010/12/introducing-vulnserver.html)
1PowerShell. NetSPI PowerShell Scripts
1