Stars
InfraGuard is a Command & Control Redirection Proxy and Manager which protects your Red Team Infrastructure against threat attribution
Nxvh1337 / clroxide
Forked from yamakadi/clroxide
A Rust library that allows you to host the CLR and execute dotnet binaries.
AdaptixC2 is a highly modular advanced redteam toolkit
Obfusk8: lightweight Obfuscation library based on C++17 / Header Only for Windows binaries
A Python tool to parse and describe the contents of a raw ntSecurityDescriptor structure.
Privilege Escalation Enumeration Script for Windows
A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
A cross platform library to write offensive and defensive security tools in Go
The ldapconsole script allows you to perform custom LDAP requests to a Windows domain.
smbclient-ng, a fast and user friendly way to interact with SMB shares.
A cross platform Go library to work with Windows Security Descriptors
Stand up a simple Elastic container with Kibana, Fleet, and the Detection Engine
BOF for Havoc that copies locked Windows files (SAM, SYSTEM, NTDS.dit) via raw MFT parsing — no VSS, no Registry APIs, no PowerShell
A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.
Chrome browser extension-based Command & Control
Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.
PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This project demonstrates that it's possible to build a multi-stage and…
LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to facilitate the development of PICO modules that require HTT…
This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead in the field. It provides a valuable resource for those ded…
BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
A list of methods to coerce a Windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
This repository contains a list of Python scripts to work with Microsoft RPC for research purposes.
Red Teaming Tactics and Techniques
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.