Pinned Repositories
AMSI.fail
C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
AzureC2Relay
AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Cobalt Strike Malleable C2 profile.
BetterSafetyKatz
Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into memory.
CobaltBus
Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus
DeployPrinterNightmare
C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!
NetLoader
Loads any C# binary in mem, patching AMSI + ETW.
SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
SharpDllProxy
Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading
SharpProxyLogon
C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection
TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
Flangvik's Repositories
Flangvik/SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
Flangvik/TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
Flangvik/NetLoader
Loads any C# binary in mem, patching AMSI + ETW.
Flangvik/AMSI.fail
C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
Flangvik/CobaltBus
Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus
Flangvik/DeployPrinterNightmare
C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!
Flangvik/ObfuscatedSharpCollection
Attempt at Obfuscated version of SharpCollection
Flangvik/Bobber
Bounces when a fish bites - Evilginx database monitoring with exfiltration automation
Flangvik/SharpExfiltrate
Modular C# framework to exfiltrate loot over secure and trusted channels.
Flangvik/SharpAppLocker
C# port of the Get-AppLockerPolicy PS cmdlet
Flangvik/ADCSPwn
A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.
Flangvik/collector
Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.
Flangvik/CobaltStuff
Flangvik/WAMBam
Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post
Flangvik/Ethical-Hacking-101-Cheat-Sheet
Cheat Sheet High School Student
Flangvik/ForgeCert
"Golden" certificates
Flangvik/yetAnotherObfuscator
C# obfuscator that bypass windows defender
Flangvik/evilgophish
evilginx2 + gophish
Flangvik/statistically-likely-usernames
Wordlists for creating statistically likely username lists for use in password attacks and security testing
Flangvik/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Flangvik/SharpC2
Command and Control Framework written in C#.
Flangvik/kerbrute
A tool to perform Kerberos pre-auth bruteforcing
Flangvik/TokenStomp
C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic
Flangvik/parley
Tree of Attacks (TAP) Jailbreaking Implementation
Flangvik/smartbrute
Password spraying and bruteforcing tool for Active Directory Domain Services
Flangvik/AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
Flangvik/impacket
Impacket is a collection of Python classes for working with network protocols.
Flangvik/PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
Flangvik/Rubeus
Trying to tame the three-headed dog.
Flangvik/SharpC2-Docs