- Des Moines, IA
- https://natesubra.com
- @natesubra
- @natesubra@infosec.exchange
Red Team
A Couple of Python Scripts Leveraging MS365's GraphAPI to Send Custom Calendar Events / Emails from Cheap O365 Accounts
Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.
WMEye is a post-exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement
A Windows DLL injection library written in Rust.
RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, it first collects the syscall numbers of the NtOpenFile, NtC…
Another Windows Local Privilege Escalation from Service Account to System
A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation
DLLirant is a tool to automate DLL hijacking research on a specified binary.
A proof of concept for a clickjacking attack on macOS.
Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry
.NET, PE, & Raw Shellcode Packer/Loader Written in Nim
Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.
AzureRT - A Powershell module implementing various Azure Red Team tactics
PowerShell Obfuscation and Data Science
MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository
Post-exploit tool that enables a SOCKS tunnel via a Windows host using an extensible custom RPC proto over SMB through a named pipe.
Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.
KrbRelayUp - a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default setting).
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs
A way to delete a locked file, or current running executable, on disk.
PowerShell SOCKS proxy with reverse proxy capabilities
A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC