4mrr's Stars
A-poc/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
Pennyw0rth/NetExec
The Network Execution Tool
jtpereyda/boofuzz
A fork and successor of the Sulley Fuzzing Framework
rootsecdev/Azure-Red-Team
Azure Security Resources and Notes
aahmad097/AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
eladshamir/Internal-Monologue
Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
OpenRCE/sulley
A pure-python fully automated and unattended fuzzing framework.
aleff-github/my-flipper-shits
Free and libre source BadUSB payloads for Flipper Zero. [Windows, GNU/Linux, iOS]
RythmStick/AMSITrigger
The Hunt for Malicious Strings
daem0nc0re/PrivFu
Kernel mode WinDbg extension and PoCs for token privilege investigation.
mactec0/Kernelmode-manual-mapping-through-IAT
Manual mapping without creating any threads, with rw only access
D00Movenok/BounceBack
↕️🤫 Stealth redirector for your red team operation security
G0ldenGunSec/SharpSecDump
.Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py
Frissi0n/GTFONow
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
S3N4T0R-0X0/APT-Attack-Simulation
This repository is a compilation of all APT simulations that target many vital sectors, both private and governmental. The simulation includes written tools, C2 servers, backdoors, exploitation techniques, stagers, bootloaders, and many other tools that attackers might have used in actual attacks. These tools and TTPs are simulated here.
icyguider/UAC-BOF-Bonanza
Collection of UAC Bypass Techniques Weaponized as BOFs
RalfHacker/Kerbeus-BOF
BOF for Kerberos abuse (an implementation of some important features of the Rubeus).
0xEr3bus/PoolPartyBof
A beacon object file implementation of PoolParty Process Injection Technique.
SaadAhla/NTDLLReflection
Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll, and trigger exported APIs from the export table
icyguider/LatLoader
PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
gh0x0st/Invoke-PSObfuscation
An in-depth approach to obfuscating the individual components of a PowerShell payload whether you're on Windows or Kali Linux.
0xEr3bus/RdpStrike
Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
Hrishikesh7665/Android-Pentesting-Checklist
Delve into a comprehensive checklist, your ultimate companion for Android app penetration testing. Identify vulnerabilities in network, data, storage, and permissions effortlessly. Boost security skills with essential tools and user-friendly guides. Elevate Android security seamlessly!
MalwareTech/EDRception
A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
ProcessusT/Venoma
Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
Nero22k/cve-2023-29360
Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver
synacktiv/ntdissector
attackdebris/kerberos_enum_userlists
Collection of username lists for enumerating kerberos domain users
JumpsecLabs/WALK_WebAssembly_Lure_Krafter
A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims at aiding with initial access during red teams and phishing exercises leveraging WASM smuggling techniques.
0xEr3bus/ShadowForgeC2
ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.