Pinned Repositories
AceLdr
Cobalt Strike UDRL for memory scanner evasion.
Alaris
A protective and Low Level Shellcode Loader that defeats modern EDR systems.
BeaconHunter
Detect and respond to Cobalt Strike beacons using ETW.
BlockEtw
.NET assembly to block ETW telemetry in the current process.
CVE-2023-27470_Exercise
GodPotato
Screenshottery
Simple spyware that takes screenshots on target computer every "x" amount of seconds.
WMImplant
This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.
ccmpwn
msi-search
3lp4tr0n's Repositories
3lp4tr0n/BeaconHunter
Detect and respond to Cobalt Strike beacons using ETW.
3lp4tr0n/CVE-2023-27470_Exercise
3lp4tr0n/GodPotato
3lp4tr0n/AceLdr
Cobalt Strike UDRL for memory scanner evasion.
3lp4tr0n/CheeseOunce
Coerce Windows machines auth via MS-EVEN
3lp4tr0n/CVE-2021-40444
CVE-2021-40444 PoC
3lp4tr0n/DInvoke
Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.
3lp4tr0n/DynamicWrapperDotNet
Dynamically Loads Assembly and Calls Methods from JScript
3lp4tr0n/expbox
Vulnerability Exploitation Code Collection Repository
3lp4tr0n/Ghostpack-CompiledBinaries
Compiled Binaries for Ghostpack (.NET v4.0)
3lp4tr0n/InlineExecute-Assembly
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in-process .NET assembly execution as an alternative to Cobalt Strike's traditional fork and run execute-assembly module.
3lp4tr0n/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
3lp4tr0n/Mimikore
.NET 5 Single file Application
3lp4tr0n/msi-search
3lp4tr0n/Ninja_UUID_Runner
Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!
3lp4tr0n/OffensiveVBA
This repo covers some code execution and AV Evasion methods for Macros in Office documents
3lp4tr0n/OfficePurge
3lp4tr0n/Pluto
A manual system call library that supports functions from both ntdll.dll and win32u.dll
3lp4tr0n/PPLDump_BOF
A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
3lp4tr0n/PrintNightmare
3lp4tr0n/ProcessHollowing
3lp4tr0n/route-sixty-sink
Link sources to sinks in C# applications.
3lp4tr0n/S4UTomato
Escalate Service Account To LocalSystem via Kerberos
3lp4tr0n/SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
3lp4tr0n/SharpNamedPipePTH
Pass the Hash to a named pipe for token Impersonation
3lp4tr0n/SyscallAmsiScanBufferBypass
AmsiScanBufferBypass using D/Invoke
3lp4tr0n/titan
Titan: A generic user defined reflective DLL for Cobalt Strike
3lp4tr0n/TitanLdr
Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH
3lp4tr0n/WAMBam
Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post
3lp4tr0n/WFH