Stars
A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.
Simple (relatively) things allowing you to dig a bit deeper than usual.
My experiments in weaponizing Nim (https://nim-lang.org/)
Rust Weaponization for Red Team Engagements.
A source generator to add a user-defined set of Win32 P/Invoke methods and supporting types to a C# project.
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
AV/EDR evasion via direct system calls.
Cobalt Strike Malleable C2 Design and Reference Guide
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
Alternative Shellcode Execution Via Callbacks
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
Research code & papers from members of vx-underground.
Python client for Microsoft Exchange Web Services (EWS)
SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.
Also known by Microsoft as Knifecoat 🌶️
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
A protective and Low Level Shellcode Loader that defeats modern EDR systems.
StandIn is a small .NET35/45 AD post-exploitation toolkit
CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
Evasive shellcode loader for bypassing event-based injection detection (PoC)