Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.

Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.

Source generator to add D/Invoke and indirect syscall methods to a C# project.

A .NET Runtime for Cobalt Strike's Beacon Object Files

Threadless Process Injection using remote function hooking.

A Beacon Object File (BOF) template for Visual Studio

Dump objects from .NET dumps.

Finding secrets in kernel and user memory

A fork of the great TokenTactics with support for CAE and token endpoint v2

Azure JWT Token Manipulation Toolset

Command and Control Framework written in C#

The Havoc Framework

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

Print Spooler Named Pipe Impersonation for Cobalt Strike

Rust Weaponization for Red Team Engagements.

A utility for parsing files with an ActiveX scripting engine.

The Token Stealer

Golang CLI binaries to replace the bash scripts controlling Mythic

MS-FSRVP coercion abuse PoC

UDRL for CS

C# loader that copies a chunk at the time of the shellcode in memory, rather that all at once

C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic

A tool to abuse Exchange services

Swift implementation of in-memory Mach-O loading on macOS

FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads

A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation

TCP Port Redirection Utility