Stars
This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3. May be updated periodically.
A swiss army knife for pentesting networks
mkaring / ConfuserEx
Forked from yck1509/ConfuserEx
An open-source, free protector for .NET applications
Execute shellcode from a remote-hosted bin file using Winhttp.
CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF. With this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting infor…
A keystroke logger targeting the Remote Desktop Protocol (RDP) related processes. It utilizes a low-level keyboard input hook, allowing it to record keystrokes in certain contexts (like in mstsc.ex…
Search for potential frontable domains
Single stub direct and indirect syscalling with runtime SSN resolving for Windows.
Collection of Beacon Object Files (BOF) for Cobalt Strike
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll, and trigger exported APIs from the export table
Encrypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap
Simple (relatively) things allowing you to dig a bit deeper than usual.
A light-weight first-stage C2 implant written in Nim (and Rust).
Improved version of EKKO by @5pider that Encrypts only Image Sections
Loading Remote AES Encrypted PE in memory, decrypting it and running it
This repo contains: simple shellcode Loader, Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp, socket)
Patching AmsiOpenSession by forcing an error branching
Dropping a PowerShell script at %HOMEPATH%\Documents\WindowsPowershell\ that contains the implant's path, and whenever a PowerShell process is created, the implant will be executed too.
Shellcode Loader with Indirect Dynamic syscall Implementation, shellcode in MAC format, API resolving from PEB, Syscall call and syscall instruction address resolving at run time
The recursive internet scanner for hackers. 🧡
Portable C library for proxy support, designed to be used as a drop-in replacement for connect().
Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.
Also known by Microsoft as Knifecoat 🌶️
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX