Pinned Repositories
.NetConfigLoader
.net config loader
40k-nuclei-templates
40,000+ Nuclei templates for security scanning and detection across diverse web applications and services
Active_Directory_Advanced_Threat_Hunting
This repo is about Active Directory Advanced Threat Hunting
Amsi-Killer
Lifetime AMSI bypass
AutoSmuggle
Utility to craft HTML or SVG smuggled files for Red Team engagements
avet
AntiVirus Evasion Tool
nimvoke
Indirect syscalls + DInvoke made simple.
nps
Not PowerShell
payload-wizard
AI assistant that utilizes GPT language models to interpret and generate cybersecurity payloads 🪄
WinDefenderKiller
Windows Defender Killer | C++ Code Disabling Permanently Windows Defender using Registry Keys
C0C0red's Repositories
C0C0red/Active_Directory_Advanced_Threat_Hunting
This repo is about Active Directory Advanced Threat Hunting
C0C0red/APT-Attack-Simulation
This repository is a compilation of all APT simulations that target many vital sectors, both private and governmental. The simulation includes written tools, C2 servers, backdoors, exploitation techniques, stagers, bootloaders, and many other tools that attackers might have used in actual attacks. These tools and TTPs are simulated here.
C0C0red/AuthzAI
C0C0red/BEAR-C2
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups. Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha, to secure communication between the payload and the operator machine.
C0C0red/capa
The FLARE team's open-source tool to identify capabilities in executable files.
C0C0red/Control_Framework
CONTROL C2 is a command and control framework designed for red teamers and penetration testers.
C0C0red/CVE-2024-38077-POC
The original post was deleted by its author; this is a backup copy, not original work. EXP & POC
C0C0red/EDRPrison
Leverage a legitimate driver to silence EDR
C0C0red/enumhandles_BOF
C0C0red/FaceDancer
FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loading
C0C0red/faraday
Open Source Vulnerability Management Platform
C0C0red/Ghost
Evasive shellcode loader
C0C0red/IDA-MITRE
C0C0red/KernelCallbackTable-Injection-PoC
Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijack execution flow
C0C0red/Kill-Floor
AV/EDR killer using BYOVD technique
C0C0red/LDAPFragger
C0C0red/Mindmap
This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them
C0C0red/nifo
Nuke It From Orbit - remove AV/EDR with physical access
C0C0red/PassTheCert
Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
C0C0red/payloads
C0C0red/PenetrationTesting_Notes-
My Notes about Penetration Testing
C0C0red/Ransomware-Tool-Matrix
A resource containing all the tools each ransomware gang uses
C0C0red/Red-Team-Exercises
C0C0red/Red-Teaming-TTPs
Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
C0C0red/Reverse_Shell_Ofuscation
C0C0red/Russian-APT-Tool-Matrix
A tool matrix for Russian APTs based on the Ransomware Tool Matrix
C0C0red/RustiveDump
LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption, and remote file transmission.
C0C0red/SharpExclusionFinder
Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without relying on event logs
C0C0red/Sickle
Payload development framework
C0C0red/Vulnerability