MDSec's ActiveBreach Team
SharpShooter. Payload Generation Framework
2ko365-attack-toolkit. A toolkit to attack Office365
1.1kCACTUSTORCH. CACTUSTORCH: Payload Generation for Adversary Simulations
1kChameleon. Chameleon: A tool for evading Proxy categorisation
521LinkedInt. LinkedInt: A LinkedIn scraper for reconnaissance during adversary simulation
492Farmer. C#
427RDPInception. A proof of concept for the RDP Inception Attack
355DragonCastle. A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
305RegPwn. C#
241PowerDNS. PowerDNS: Powershell DNS Delivery
218com_inject. C++
212ParallelSyscalls. C++
170SharpPack. An Insider Threat Toolkit
157firewalker. C
153sitrep. C#
127WMIPersistence. WMI Event Subscription Persistence in C#
113Browser-ExternalC2. External C2 Using IE COM Objects
100Execute-GithubAssembly-Aggressor. Aggressor Script to Execute Assemblies from Github
71CloneVault. C#
71functionpeekaboo. C++
61RegistryStrikesBack. C#
53lambda-webbugs. A proof of concept for delivering webbugs via AWS lambda
46ANGRYPUPPY. Bloodhound Attack Path Automation in CobaltStrike
30SharpAltiris. C#
25CVE-2018-4878. ActionScript
23PleasantTools. Tools for Attacking Pleasant Password Server
23CVE-2023-26258-ArcServe. Python
23TakeATest. JavaScript
20genHTA. Generates anti-sandbox analysis HTA files without payloads
16Invoke-ProcessScan. Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.
15morphHTA. morphHTA - Morphing Cobalt Strike's evil.HTA
11CVE-2017-8759. CVE-2017-8759 - A vulnerability in the SOAP WDSL parser.
9LyncSniper. LyncSniper: A tool for penetration testing Skype for Business and Lync deployments
9Aggressor-VYSEC. PowerShell
4