K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetN…

Red Teaming Tactics and Techniques

Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode

Re-play Security Events

Adversary Tactics - PowerShell Training

Windows Exploits

A list of useful Powershell scripts with 100% AV bypass (At the time of publication).

Various PowerShell scripts that may be useful during red team exercise

Cmd.exe Command Obfuscation Generator & Detection Test Harness

Open source C2 server created for stealth red team operations

Understand adversary tradecraft and improve detection strategies

Egress-Assess is a tool used to test egress data detection capabilities

Toolbox containing research notes & PoC code for weaponizing .NET's DLR

DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense.

Collection of OPSEC Tradecraft and TTPs for Red Team Operations

Windows RID Hijacking persistence technique

A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.

Documentation and supporting script sample for Windows Exploit Guard

Use powershell to test Office-based persistence methods

Create a powershell malware loader to run C#.cs code on runtime

Powershell to copy ntds.dit

use COM Object hijacking to maintain persistence.(Hijack CAccPropServicesClass and MMDeviceEnumerator)

powershell to hide process by kd.exe

This repository stores the proof-of-concept of Windows malware categorized with MITRE ATT&CK.

Scripts to threat optics stack quickly / abbreviated and automated. Run after APT-Lab-Terraform

Source code for 'Cyber Operations, 2nd Edition' by Mike O'Leary

Offensive PowerShell Tradecraft

Covert .Evtx files to a MalwLess configuration file