CCob

Ceri Coburn CCob

1.3k followers · 2 following

Achievements

x3 x2

Achievements

x3 x2

MinHook.NET Public

A C# port of the MinHook API hooking library

api trampoline detour hooking

C# 224 43 BSD 3-Clause "New" or "Revised" License Updated Oct 21, 2025
gssapi-abuse Public

A tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networks

Python 182 23 Updated Aug 16, 2025
sandbox-attacksurface-analysis-tools Public
Forked from googleprojectzero/sandbox-attacksurface-analysis-tools

Set of tools to analyze Windows sandboxes for exposed attack surface.

C# 3 1 Apache License 2.0 Updated May 22, 2025
Volumiser Public

C# 418 40 Updated Apr 22, 2025
Rubeus Public
Forked from GhostPack/Rubeus

Trying to tame the three-headed dog.

C# 9 Other Updated Feb 25, 2025
Shwmae Public

C# 161 13 BSD 3-Clause "New" or "Revised" License Updated Jan 27, 2025
DRSAT Public

Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domain joined machies

hook inject bypass gpo rsat

C# 270 30 Apache License 2.0 Updated Dec 27, 2024
SQL-BOF Public
Forked from Tw1sm/SQL-BOF

Library of BOFs to interact with SQL servers

C 16 GNU General Public License v2.0 Updated Dec 6, 2024
BeaconEye Public

Hunts out CobaltStrike beacons and logs operator command output

C# 949 112 Updated Sep 4, 2024
dnMerge Public

A lightweight .NET assembly dependency merger that uses dnLib and 7zip's LZMA SDK for compressing dependant assemblies.

C# 105 13 Updated Sep 4, 2024
ThreadlessInject Public

Threadless Process Injection using remote function hooking.

C# 798 89 MIT License Updated Sep 4, 2024
okta-terrify Public

Okta Verify and Okta FastPass Abuse Tool

C# 338 32 Updated Sep 4, 2024
BOF.NET Public

A .NET Runtime for Cobalt Strike's Beacon Object Files

C 765 110 Updated Sep 4, 2024
SweetPotato Public

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

C# 1,797 232 Updated Sep 4, 2024
PIVert Public

C# 106 14 Updated Jul 31, 2024
chlonium Public
Forked from rxwx/chlonium

Chromium Cookie import / export tool

C# 11 1 Updated Jul 21, 2024
chisel Public
Forked from jpillora/chisel

A fast TCP/UDP tunnel over HTTP

Go MIT License Updated Jan 12, 2024
SSH.NET Public
Forked from sshnet/SSH.NET

SSH.NET is a Secure Shell (SSH) library for .NET, optimized for parallelism.

C# MIT License Updated May 10, 2023
SharpHoundCommon Public
Forked from SpecterOps/SharpHoundCommon

Common library used by SharpHound.

C# GNU General Public License v3.0 Updated May 3, 2023
lsarelayx Public

NTLM relaying for Windows made easy

C++ 580 68 Updated Apr 25, 2023
titanldr-ng Public
Forked from klezVirus/titanldr-ng

A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge years ago.

C Updated Mar 20, 2023
socks5 Public
Forked from ctinkong/socks5

SOCKS5 server in Golang

Go MIT License Updated Feb 24, 2023
ProvisionAppx Public

C# 39 5 Updated Oct 12, 2022
AceLdr Public
Forked from kyleavery/AceLdr

Cobalt Strike UDRL for memory scanner evasion.

C 1 MIT License Updated Oct 7, 2022
nodebb-plugin-onesignal Public
Forked from NodeBB-Community/nodebb-plugin-pushbullet

Allows NodeBB to interface with the OneSignal service in order to provide push notifications via OneSignal, originally forked from nodebb-plugin-pushbullet

JavaScript 2 4 MIT License Updated Jun 8, 2022
Certify Public
Forked from GhostPack/Certify

Active Directory certificate abuse.

C# 2 1 Other Updated May 19, 2022
bittrex4j Public

Java library for accessing the Bittrex Web API's and Web Sockets

java api websockets cryptocurrency btc java-library signalr

Java 32 23 GNU Lesser General Public License v3.0 Updated Nov 7, 2021
InlineExecute-Assembly Public
Forked from anthemtotheego/InlineExecute-Assembly

InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditiona…

C 5 Updated Oct 26, 2021
impacket Public
Forked from fortra/impacket

Impacket is a collection of Python classes for working with network protocols.

Python 1 Other Updated Oct 17, 2021
SharpBlock Public

A method of bypassing EDR's active projection DLL's by preventing entry point exection

C# 1,162 164 Updated Mar 31, 2021

Ceri Coburn CCob

Achievements

Achievements

MinHook.NET Public

Uh oh!

gssapi-abuse Public

Uh oh!

sandbox-attacksurface-analysis-tools Public

Uh oh!

Volumiser Public

Uh oh!

Rubeus Public

Uh oh!

Shwmae Public

Uh oh!

DRSAT Public

Uh oh!

SQL-BOF Public

Uh oh!

BeaconEye Public

Uh oh!

dnMerge Public

Uh oh!

ThreadlessInject Public

Uh oh!

okta-terrify Public

Uh oh!

BOF.NET Public

Uh oh!

SweetPotato Public

Uh oh!

PIVert Public

Uh oh!

chlonium Public

Uh oh!

chisel Public

Uh oh!

SSH.NET Public

Uh oh!

SharpHoundCommon Public

Uh oh!

lsarelayx Public

Uh oh!

titanldr-ng Public

Uh oh!

socks5 Public

Uh oh!

ProvisionAppx Public

Uh oh!

AceLdr Public

Uh oh!

nodebb-plugin-onesignal Public

Uh oh!

Certify Public

Uh oh!

bittrex4j Public

Uh oh!

InlineExecute-Assembly Public

Uh oh!

impacket Public

Uh oh!

SharpBlock Public

Uh oh!