Stars
A manager for game achievements in Steam.
The Bloaty and the Nosy: No Bloat, No Problem!
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers…
Identifies the bytes that Microsoft Defender flags on.
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
Run PowerShell with rundll32. Bypass software restrictions.
KrbRelayUp - a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings).
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
RunasCs - Csharp and open version of Windows built-in runas.exe
Writing custom backdoor payloads with C# - Defcon 27 Workshop
A method of bypassing EDR's active projection DLL's by preventing entry point execution
Also known by Microsoft as Knifecoat 🌶️
PowerShell rebuilt in C# for Red Teaming purposes
PoCs and tools for investigation of Windows process execution techniques
Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.
A tool to escalate privileges in an Active Directory network by coercing authentication from machine accounts and relaying to the certificate service.
Loads any C# binary in mem, patching AMSI + ETW.
PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments
Exploit for EfsPotato (MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privilege escalation vulnerability).
OffensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises.
C# obfuscator that bypasses Windows Defender
Sandman is an NTP-based backdoor for hardened networks.
Threadless Process Injection using remote function hooking.
A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.