United States

Dylan Evans

Elite
@fin3ss3g0d

๐Ÿ”“ Master of the virtual heist. Unlocks cyber doors while wearing a white hat. OSEP-certified ethical hacker, converting caffeine โ˜• and curiosity ๐Ÿค” into code.

evilgophish. evilginx3 + gophish

2k

cypherhound. Your template-based BloodHound terminal companion tool

452

secretsdump.py. Enhanced version of secretsdump.py from Impacket. Adds multi-threading and accepts an input file with a list of target hosts for simultaneous secrets extraction.

257

StoneKeeper. StoneKeeper C2, an experimental EDR evasion framework for research purposes

209

ASPJinjaObfuscator. Heavily obfuscated ASP web shell generation tool.

176

NativeThreadpool. Work, timer, and wait callback example using solely Native Windows APIs.

89

IoDllProxyLoad. DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly

66

HookFinder. Simple PoC to locate hooked functions by EDR in ntdll.dll

46

CosmicRakp. CVE-2013-4786 Go exploitation tool

40

AddRemoteDA.py. Active Directory post exploitation kit for security purposes

11

DPAT. Domain Password Audit Tool for Pentesters

11

SAMPasswordReuseChecker.py. A Python tool for detecting local admin password reuse across SAM files in an Active Directory environment, with support for user blacklisting and optional Excel reporting.

9

CVE-2024-4956. CVE-2024-4956 Python exploitation utility

9

ChatGPT-Prompts. Useful ChatGPT prompts for offensive security work

8

hashcat. World's fastest and most advanced password recovery utility

8

PoolParty. A set of fully-undetectable process injection techniques abusing Windows Thread Pools

8

Shiro1Extractor. Python utility for extracting Apache Shiro 1 hashes from OrientDB files

2

Shiro1Tools. Tools that were used during the development of the Apache Shiro 1 Hashcat module

2

Nuages. A modular C2 framework

1

BloodHoundQueryLibrary. A community-driven collection of BloodHound queries

1

chisel. A fast TCP/UDP tunnel over HTTP

1

CVE-2024-5764. CVE-2024-5764 exploitation script

1

ldd_json_parser.sh. A bash script for parsing JSON files from ldapdomaindump, extracting and printing computer DNS names or user names to stdout.

1
23
Apply