Gamma Quadrant 4

Steve Borosh

Elite
@rvrsh3ll

I hack code together and hope it works.

FindFrontableDomains. Search for potential frontable domains

647

Bolthole. Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.

300

SharpPrinter. Discover Printers

173

MSBuildAPICaller. MSBuild Without MSBuild.exe

155

SharpSMBSpray. Spray a hash via smb to check for local administrator access

143

SharpCOM. CSHARP DCOM Fun

137

NoMSBuild. MSBuild without MSbuild.exe

135

Azure-App-Tools. Collection of tools to use with Azure Applications

113

SharpExcel4-DCOM. Port of Invoke-Excel4DCOM

104

Word-Doc-Video-Embed-EXE-POC. HTML

93

SharpFruit. A C# penetration testing tool to discover low-haning web fruit via web requests.

91

RendezvousRAT. Self-healing RAT utilizing libp2p

88

MimeSpray. MimeCast Password Spraying Tool

47

PenTesting-Scripts. A ton of helpful tools

39

FindIngressEmail. Find Inbound Email Domains

34

PELoader. Load PE via XML Attribute

31

RuralBishop. D/Invoke port of UrbanBishop

30

CrypoCurrencyPowerShell. PowerShell

30

FlaskRedirectorProtector. Protect your servers with a secret header

29

Sharp-Suite. My musings with C#

28

HashCant. Some Hashcat Rules for 2020 and beyond. Contributions encouraged!

26

MSSQLUDPScanner. Discover MSSQL Instances via UDP Scanning

25

DInjector. Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL

23

OSGiScanner. Scan for OSGi Consoles

21

eavesarp. Analyze ARP requests to identify hosts that are communicating with one another.

19

SharpSSDP. SSDP Service Discovery

17

Phunter. Phunter is an osint tool allowing you to find various information via a phone number 🔎📞

14

UACSilentCleanup. C#

14

SharpEdge. C# Implementation of Get-VaultCredential

13

Armitage-Cortana-Resource-Opener. Open Resource Files in Armitage with Cortana

12

Carnac. Carnac The Magnificent: Pancakeswap Prediction Market Bot

11

POSH-Commander. Invoke remote powershell scripts in memory of compromised hosts.

11

PoC-in-GitHub. 📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

11

CanaryServer. Fake SMB and SAMR data

11

MiniDump. alternative to procdump

11

SpoolFool. Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)

10

evilginx2. Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

10

ociRecon. A Python tool for listing and managing various Oracle Cloud Infrastructure (OCI) resources using the OCI API.

9

SkiDzEX. A modded version of ConfuserEx | SkiDzEx

9

Shellcode-Via-HTA. How To Execute Shellcode via HTA

8

KeyTabExtract. Extracts Key Values from .keytab files

8

LeakedWallpaper. Leak of any user's NetNTLM hash. Fixed in KB5040434

8

BEAR. Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha to secure communication between the payload and the operator machine.

8

atomic-red-team. Small and highly portable detection tests.

8

NET-Obfuscate. Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI

7

365Inspect. A PowerShell script that automates the security assessment of Microsoft Office 365 environments.

7

CVE-2021-21973. Proof of Concept Exploit for vCenter CVE-2021-21972

7

Posh-Runas. PowerShell

6

OracleCommander. Oracle Commander

6

CVE-2021-1675. Impacket implementation of CVE-2021-1675

6

bbot. OSINT automation for hackers.

6

ADEnum. Active Directory Enumeration Tool

6

MiscTools. Miscellaneous Tools

6

X-Commander. MySQLlX Multitool

6

RDP-Users. Lists the IP, hostname, and Active Directory username of Remote Desktop Protocol (RDP) users connected to a Windows Terminal Server.

5

C2-Tool-Collection. A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

5

trufflehog. Find credentials all over the place

5

NtDumpBOF. C

5
58
Apply