Covenant is a collaborative .NET C2 framework for red teamers.

Phison 2251-03 (2303) Custom Firmware & Existing Firmware Patches (BadUSB)

Deserialization payload generator for a variety of .NET formatters

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.

A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader

PowerShell rebuilt in C# for Red Teaming purposes

PoCs and tools for investigation of Windows process execution techniques

Salsa Tools - ShellReverse TCP/UDP/ICMP/DNS/SSL/BINDTCP/Shellcode/SILENTTRINITY and AV bypass, AMSI patched

SolarWinds Orion Account Audit / Password Dumping Utility

Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI

Lateral Movement technique using DCOM and HTA

Neutering Sysmon via driver unload

Basic C# Project that will take an MSBuild payload and run it with MSBuild via ClickOnce.

Pushes Sysmon Configs

Simple Stock Management Software

the part of the payload that you want on the remote PC