Remote Administration Tool for Windows

A manager for game achievements in Steam.

The Bloaty and the Nosy: No Bloat, No Problem!

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

Network Analysis Tool

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers…

Deprecated - Low Orbit Ion Cannon - An open source network stress tool, written in C#. Based on Praetox's LOIC project. USE ON YOUR OWN RISK. WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES. IF YOU GET V…

Identifies the bytes that Microsoft Defender flags on.

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

Run PowerShell with rundll32. Bypass software restrictions.

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.

Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

The Hunt for Malicious Strings

RunasCs - Csharp and open version of windows builtin runas.exe

Writing custom backdoor payloads with C# - Defcon 27 Workshop

A method of bypassing EDR's active projection DLL's by preventing entry point exection

Also known by Microsoft as Knifecoat 🌶️

PowerShell rebuilt in C# for Red Teaming purposes

A C# Command & Control framework

PoCs and tools for investigation of Windows process execution techniques

A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.

Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.

Loads any C# binary in mem, patching AMSI + ETW.

PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments

OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises.

Sandman is a NTP based backdoor for hardened networks.