DLLHijackTest. DLL and PowerShell script to assist with finding DLL hijacks
342PrimaryTokenTheft. Steal a primary token and spawn cmd.exe using the stolen token
254SharpClipboard. C# Clipboard Monitor
185WhiteChocolateMacademiaNut. Interact with Chromium-based browsers' debug port to view open tabs, installed extensions, and cookies
185UrbanBishopLocal. A port of FuzzySecurity's UrbanBishop project for inline shellcode execution
118SwiftSpy. macOS keylogger, clipboard monitor, and screenshotter
93SwiftInMemoryLoading. Swift implementation of in-memory Mach-O loading on macOS
68TimeStomper. PoC that manipulates Windows file times using SetFileTime() API
63LNKMod. C# project to create or modify existing LNKs
55SK8RAT. C++ implant that interfaces with a SK8PARK server
49ObjCShellcodeLoader. macOS shellcode loader written in Objective-C
48SharpCrashEventLog. C# port of LogServiceCrash
46DylibHijackTest. Discover DYLD_INSERT_LIBRARIES hijacks on macOS
45SwiftParseTCC. Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format
40SK8PARK. Python 3 server used to control SK8RAT implant
36SharpRoast-Parser. Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.
32XORShellcodeLoader. Loads shellcode from a resource file.
21SwiftLiverpool. Enumerate Location Services using CoreLocation API on macOS
19pwnVNC. Python script that will attempt connection to unauthenticated VNC sessions on the entire Internet and take a screenshot of the user's current session.
18SharpCryptUnprotectData. C#
15C-Sharp-Out-Minidump. C# implementation of Out-Minidump.ps1
10SwiftPlist. Partial rewrite of the `plutil` utility on macOS
8MacDirtyCowDemo. Get root on macOS 13.0.1 with CVE-2022-46689 (macOS equivalent of the Dirty Cow bug), using the testcase extracted from Apple's XNU source.
6LyncSniper. LyncSniper: A tool for penetration testing Skype for Business and Lync deployments
4darling. Darwin/macOS emulation layer for Linux
3log4j-honeypot-flask. Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228
3RdpThief. Extracting Clear Text Passwords from mstsc.exe using API Hooking.
2shad0w. Covert post exploitation framework
2Pwdb-Public. A collection of all the data i could extract from 1 billion leaked credentials from internet.
2MacHack. Hidden Tools in macOS
2Debian8JessieSetup. Run on a fresh install of Debian 8 Jessie to create a new user, give sudo privileges, update your system, update your source list and more!
2Advanced-Process-Injection-Workshop. C++
2MiniShare-1.4.1-RCE. MiniShare 1.4.1 remote buffer overflow leading to RCE.
2Priv2Admin. Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
1DelegationBOF. C++
1inceptor. Template-Driven AV/EDR Evasion Framework
1Havoc. The Havoc Framework
1Crescendo. Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework.
1macOSTools. macOS Offensive Tools
1AceLdr. Cobalt Strike UDRL for memory scanner evasion.
1Alaris. A protective and Low Level Shellcode Loader that defeats modern EDR systems.
1geacon. Practice Go programming and implement CobaltStrike's Beacon in Go
1Nidhogg. Nidhogg is an all-in-one simple to use rootkit for red teams.
1FunctionStomping. A new shellcode injection technique. Given as C++ header or standalone Rust program.
1nim_shellloader. nim,免杀,红队,shellcode,bypass,apt,bypass-av.
1TestingDLL. TestingDLL using ShellExecuteA to spawn processes
1frostbyte. FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads
11PasswordSuite. Utilities to extract secrets from 1Password
1SwiftBelt. A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool.
1XORcipher. Script will ask you to encrypt or decrypt a message by XORing the message with a OTP.
1