ASkyeye
RedTeam fork robot. ⚠️ Please check the source code carefully before using the tool. :)
GitHub
Las Vegas, USA
Pinned Repositories
AB
Cs-Sleep-Mask-Fiber
Artillery
CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator.
CVE-2022-21894-Payload
Example payload for CVE-2022-21894
CVE-2023-21839
Weblogic CVE-2023-21839 RCE (one-click RCE with no Java dependency required)
DllNotificationInjection
A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.
ElusiveMice
Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
LdrLibraryEx
A small x64 library to load DLLs into memory.
LocklessBof
Lockless BOF
LoudSunRun
My shitty attempt at tampering with the callstack based on the work of namazso, SilentMoonWalk, and VulcanRaven
UAC-BOF-Bonanza
Collection of UAC Bypass Techniques Weaponized as BOFs
ASkyeye's Repositories
ASkyeye/aad-bofs
AzureAD beacon object files
ASkyeye/Krueger
Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC
ASkyeye/Bedrock
Minimal C++20 STL replacement library. Simpler, smaller, and in many cases faster.
ASkyeye/blackpill
A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs
ASkyeye/cli4bofs
Command line interface for (running) BOFs
ASkyeye/CVE-2024-21182
PoC for CVE-2024-21182
ASkyeye/DGPOEdit
Disconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines
ASkyeye/EagleVM
Native code virtualizer for x64 binaries
ASkyeye/FalconHound
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.
ASkyeye/FileRenameJunctionsEDRDisable
ASkyeye/HellBunny
Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
ASkyeye/KrakenMask-1
Sleep obfuscation
ASkyeye/ModTask
ASkyeye/PoCEntraDeviceComplianceBypass
Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy
ASkyeye/presentations
ASkyeye/Protect_Loader
Protect Loader is a shellcode loader written in pure golang designed to provide various security and evasion techniques for Go applications. It includes features such as shellcode loading, obfuscation, the use of indirect syscalls, and much more.
ASkyeye/ReflectiveLoader
A Reflective Loader for macOS
ASkyeye/Rust-for-Malware-Development
This repository contains my complete resources and coding practices for malware development using Rust 🦀.
ASkyeye/RustAutoRecon
A blazing fast, high performance implementation of AutoRecon in Rust. A multi-threaded network reconnaissance tool which performs automated enumeration of services 🦀 🔥
ASkyeye/sccmhound
A BloodHound collector for Microsoft Configuration Manager
ASkyeye/sharp-execute
Execute dotnet app from unmanaged process
ASkyeye/Sickle
Payload development framework
ASkyeye/Spyndicapped
COM ViewLogger — new malware keylogging technique
ASkyeye/SQL-BOF
Library of BOFs to interact with SQL servers
ASkyeye/StoneKeeper
StoneKeeper C2, an experimental EDR evasion framework for research purposes
ASkyeye/Svartalfheim
Stage 0
ASkyeye/TokenSmith
TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and penetration tests with the tokens generated working out of the box with many popular Azure post exploitation tools.
ASkyeye/TokenTacticsV2
A fork of the great TokenTactics with support for CAE and token endpoint v2
ASkyeye/userland-exec
Userland exec PoC to be used as attack vector technique
ASkyeye/ZigStrike
ZigStrike, a powerful Payload Delivery Pipeline developed in Zig, offering a variety of injection techniques and anti-sandbox features.