Pinned Repositories
.NetConfigLoader
.net config loader
40k-nuclei-templates
40,000+ Nuclei templates for security scanning and detection across diverse web applications and services
ADcheck
Amsi-Killer
Lifetime AMSI bypass
AutoSmuggle
Utility to craft HTML or SVG smuggled files for Red Team engagements
avet
AntiVirus Evasion Tool
nimvoke
Indirect syscalls + DInvoke made simple.
nps
Not PowerShell
payload-wizard
AI assistant that utilizes GPT language models to interpret and generate cybersecurity payloads 🪄
WinDefenderKiller
Windows Defender Killer | C++ Code Disabling Permanently Windows Defender using Registry Keys
C0C0red's Repositories
C0C0red/payload-wizard
AI assistant that utilizes GPT language models to interpret and generate cybersecurity payloads 🪄
C0C0red/APT-Attack-Simulation
This repository is a compilation of all APT simulations that target many vital sectors, both private and governmental. The simulation includes written tools, C2 servers, backdoors, exploitation techniques, stagers, bootloaders, and many other tools that attackers might have used in actual attacks. These tools and TTPs are simulated here.
C0C0red/APT28-Adversary-Simulation
This is a simulation of an attack by the Fancy Bear group (APT28) targeting high-ranking government officials in Western Asia and Eastern Europe
C0C0red/BEAR-C2
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups. Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha, to secure communication between the payload and the operator machine.
C0C0red/Burp-Suite-Certified-Practitioner-Notes
Notes, Lab Commands and Vulnerability Information for BSCP Exam Prep
C0C0red/CVE-2024-38077-POC
The original was deleted by its author; kept as a backup, not original work. EXP & POC
C0C0red/EDRaser
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual.
C0C0red/EDRPrison
Leverage a legitimate driver to silence EDR
C0C0red/enumhandles_BOF
C0C0red/Inject-EXE
The provided Python program, Inject-EXE.py, allows you to combine a malicious executable with a legitimate executable, producing a single output executable. This output executable will contain both the malicious and legitimate executables.
C0C0red/Invoke-DumpMDEConfig
PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges required)
C0C0red/Kill-Floor
AV/EDR killer using BYOVD technique
C0C0red/krbrelayx
Kerberos unconstrained delegation abuse toolkit
C0C0red/LDAPFragger
C0C0red/nowafpls
Burp Plugin to Bypass WAFs through the insertion of Junk Data
C0C0red/nuclei-templates-initial-access
A standalone collection of widely used technologies with default credentials enabled, which can be utilized for establishing an initial foothold in broad-scope Red-Team engagements, VAPT (Vulnerability Assessment and Penetration Testing), or general bug bounty programs.
C0C0red/PenetrationTesting_Notes-
My Notes about Penetration Testing
C0C0red/Primitive-Bear-APT
This is a simulation of an attack by the Primitive Bear APT group targeting the State Migration Service of Ukraine
C0C0red/Ransomware-Tool-Matrix
A resource containing all the tools each ransomware gang uses
C0C0red/Red-Teaming
Collection of Notes and CheatSheets used for Red teaming Certs
C0C0red/Red-Teaming-TTPs
Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
C0C0red/RedTeamOps-Havoc-101
Materials for the workshop "Red Team Ops: Havoc 101"
C0C0red/RemoteKrbRelay
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
C0C0red/Russian-APT-Tool-Matrix
A tool matrix for Russian APTs based on the Ransomware Tool Matrix
C0C0red/RWX_MEMEORY_HUNT_AND_INJECTION_DV
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
C0C0red/security-notes
Markdown repo for notes on all things redteaming
C0C0red/SharpADWS
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
C0C0red/Sickle
Payload development framework
C0C0red/vendorrisk.seedfi.com
C0C0red/Vulnerability