Lists (32)
AD Tools
AI Tools - Software Dev
Azure Tools
BOFs
C2
Cobalt Strike
CVEs
DLL Sideloading
GitHub Attack Techniques
Linux Malware Techniques
Linux Persistence
Linux Rootkits
macOS Malware Techniques
MCP Examples
Mobile Pen Test Tools
Phishing
Pivot Tools
Rust Windows Malware
Secrets Extractors
Social Engineering Tools
Web App Tools
Windows Credential Dumping
Windows Evasion Test Tools
Windows Lateral Movement
Windows Malware Development Tools
Windows Malware Techniques
Windows Privilege Escalation
Windows Reverse Engineering Tools
Windows Shellcode Templates
Windows Tiling
Wireless Tools
Zig Windows Malware
Stars
Identifies the bytes that Microsoft Defender flags on.
Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.
Dump Azure AD Connect credentials for Azure AD and Active Directory
Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking
Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC
.NET Project for performing Authenticated Remote Execution
SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordonβs (@YuG0rd) BadSuccessor attack from Akamai.
Extract SAM and SYSTEM using Volume Shadow Copy (VSS) API. With multiple exfiltration options and XOR obfuscation
Astral-PE is a low-level mutator (Headers/EP obfuscator) for native Windows PE files (x32/x64)
PoC to coerce authentication from Windows hosts using MS-WSP
SharpSilentChrome is a C# project that "silently" installs browser extensions on Google Chrome or MS Edge by updating the browsers' Preferences and Secure Preferences files. Currently, it only suppβ¦
A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM and It bypasses β¦
Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but for security research and penetration testing! π«
Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking
Advanced Windows authentication token extraction and decryption tool for red team operations and security research
A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN
SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.
C# implementation of Get-AADIntSyncCredentials from AADInternals, which extracts Azure AD Connect credentials to AD and Azure AD from AAD connect database.
A C# implementation that disables Windows Firewall bypassing UAC