A manager for game achievements in Steam.

The Bloaty and the Nosy: No Bloat, No Problem!

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

Network Analysis Tool

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers…

Identifies the bytes that Microsoft Defender flags on.

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

Run PowerShell with rundll32. Bypass software restrictions.

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

The Hunt for Malicious Strings

RunasCs - Csharp and open version of windows builtin runas.exe

Writing custom backdoor payloads with C# - Defcon 27 Workshop

A method of bypassing EDR's active projection DLL's by preventing entry point exection

Also known by Microsoft as Knifecoat 🌶️

PowerShell rebuilt in C# for Red Teaming purposes

A C# Command & Control framework

PoCs and tools for investigation of Windows process execution techniques

A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.

Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.

Loads any C# binary in mem, patching AMSI + ETW.

PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments

OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises.

Sandman is a NTP based backdoor for hardened networks.

Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).

Threadless Process Injection using remote function hooking.

C# obfuscator that bypass windows defender

A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.