Vincent Yiu

Elite
@vysecurity

@vysecurity

LinkedInt. LinkedIn Recon Tool

1.2k

RedTips. Red Team Tips as posted by @vysecurity on Twitter

1.1k

DomLink. A tool to link a domain with registered organisation names and emails, to other domains.

847

DomainFrontingLists. A list of Domain Frontable Domains by CDN

578

morphHTA. morphHTA - Morphing Cobalt Strike's evil.HTA

530

IPFuscator. IPFuscator - A tool to automatically generate alternative IP representations

408

ANGRYPUPPY. Bloodhound Attack Path Automation in CobaltStrike

325

Aggressor-VYSEC. PowerShell

210

CVE-2017-8759. CVE-2017-8759 - A vulnerability in the SOAP WDSL parser.

176

ps1-toolkit. Obfuscated Penetration Testing PowerShell scripts

153

genHTA. Generates anti-sandbox analysis HTA files without payloads

122

CobaltSplunk. Splunk Dashboard for CobaltStrike logs

90

checkO365. checkO365 is a tool to check if a target domain is using O365

87

CVE-2018-4878. Aggressor Script to launch IE driveby for CVE-2018-4878

86

CACTUSTORCH. CACTUSTORCH: Payload Generation for Adversary Simulations

77

ATT-CK_Analysis. Repository for my ATT&CK analysis research.

70

ExfilServer. Client-side Encrypted Upload Server Python Script

67

FSharp-Shellcode. F# Implementation to spawn shellcode

47

Invoke-ProcessScan. Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.

47

AzureAppC2. A script that can be deployed to Azure App for C2 / Proxy / Redirector

42

PSPunch. An offensive Powershell console

30

OffensiveLAM. A Large Action Model designed to operate on MacOS or Windows which interacts with common C2 interfaces such as Cobalt Strike, Havoc, or BRC4.

26

basicAuth. Basic Auth Phish page

25

PacketParser. A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.

22

ShellcodeConversion. A collection of shell code conversion scripts that I have written over time for repetitive tasks

19

RDPInception. A script to attack users who are RDPing into a machine and recurse this attack. For security testers and attack simulations.

19

msmailprobe2. Office 365 and Exchange Enumeration Version 2

18

WindfarmDynamite-CNA. CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe

16

Office365TenantsList. Office365 Tenants List

16

redteam-plan. Issues to consider when planning a red team exercise.

15

Nemesis-Download-Watcher. Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.

15

VBA-RunPE. A VBA implementation of the RunPE technique or how to bypass application whitelisting.

14

autovpn. Easily connect to a VPN in a country of your choice

14

AggressorScripts-1. Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

13

EmpireAMSI. PowerShell

13

DoH-Servers. DNS over HTTPS Servers

13

IPFilter. IP address filter by City

12

DriverVulnCheck. Takes Bruteratel `drivers` output and checks it against loldrivers.io

10

S3Scanner. Scan for open S3 buckets and dump

10

HostnameRotator. Daily hostname rotator

9

wepwnise. A generator to weaponize Macro payloads that can evade EMET and utilises native VB migration.

9

BadIP. Bad Security Vendor IPs

9

EDRs. C

7

PWNDB. Parse PWNDB

7

nuclei-templates-notags.

6

APT_CyberCriminal_Campagin_Collections. APT & CyberCriminal Campaign Collection

6

Windows-SignedBinary. Python

6

SCTPersistence. Create COM Objects backed by Scripts, not DLLs

6

vysecurity.

6

ASNLookup. ASNLookup Tool that queries Cymru's WHOIS Service

6

CVE-2024-26229-BOF. BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel

5

reflectivepotato. MSFRottenPotato built as a Reflective DLL. Work in progress. Gotta love Visual C++

5

merlin. Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

4

go-shellcode. A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.

4

magnifier0day. Windows 10 Privilege Escalation (magnifier.exe) via Dll Search Order Hijacking

4

SUDO_KILLER. A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo

4

vmware_vcenter_cve_2020_3952. Exploit for CVE-2020-3952 in vCenter 6.7

3

doxycannon. A poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy

3

DefaultCreds-cheat-sheet. One place for all the default credentials to assist the pentesters during an engagement / A valid dataset for the data scientist

3

GoPurple. Yet another shellcode runner consists of different techniques for evaluating detection capabilities of endpoint security solutions

3
60
Apply