Flangvik

Red Team at TrustedSec

TrustedSecNorway

Pinned Repositories

AMSI.fail
C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
Language:C#418 10 373
AzureC2Relay
AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Cobalt Strike Malleable C2 profile.
Language:C#228 5 350
BetterSafetyKatz
Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into memory.
Language:C#874 16 3120
CobaltBus
Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus
Language:C#233 6 043
NetLoader
Loads any C# binary in mem, patching AMSI + ETW.
Language:C#836 20 4150
ObfuscatedSharpCollection
Attempt at Obfuscated version of SharpCollection
222 6 035
SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
2.6k 36 35373
SharpDllProxy
Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading
Language:C#839 10 3108
SharpProxyLogon
C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection
Language:C#249 6 441
TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
Language:C#1.3k 11 41143

Flangvik's Repositories

Flangvik/SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
2.6k 36 35373
Flangvik/TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
Language:C#1.3k 11 41143
Flangvik/NetLoader
Loads any C# binary in mem, patching AMSI + ETW.
Language:C#836 20 4150
Flangvik/AMSI.fail
C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
Language:C#418 10 373
Flangvik/CobaltBus
Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus
Language:C#233 6 043
Flangvik/ObfuscatedSharpCollection
Attempt at Obfuscated version of SharpCollection
222 6 035
Flangvik/Bobber
Bounces when a fish bites - Evilginx database monitoring with exfiltration automation
Language:Python180 1 215
Flangvik/QRucible
Python utility that generates "imageless" QR codes in various formats
Language:Python127 1 06
Flangvik/SharpAppLocker
C# port of the Get-AppLockerPolicy PS cmdlet
Language:C#100 2 016
Flangvik/collector
Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.
Language:Python19 1 12
Flangvik/Ethical-Hacking-101-Cheat-Sheet
Cheat Sheet High School Student
8 1 01
Flangvik/remote_wrapper
Extensible Mythic Wrapper that allows payload wrapping to occur on a remote host
Language:Python8 1 01
Flangvik/statistically-likely-usernames
Wordlists for creating statistically likely username lists for use in password attacks and security testing
6 0 03
Flangvik/WAMBam
Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post
Language:C#6 0 0
Flangvik/yetAnotherObfuscator
C# obfuscator that bypass windows defender
Language:C#5 0 04
Flangvik/evilgophish
evilginx2 + gophish
Language:Go4 0 06
Flangvik/ForgeCert
"Golden" certificates
Language:C#4 0 0
Flangvik/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Language:Go2 0 0
Flangvik/kerbrute
A tool to perform Kerberos pre-auth bruteforcing
Language:Go2 0 0
Flangvik/ADExplorerSnapshot.py
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
Language:Python1 0 0
Flangvik/parley
Tree of Attacks (TAP) Jailbreaking Implementation
Language:Python1 0 0
Flangvik/smartbrute
Password spraying and bruteforcing tool for Active Directory Domain Services
Language:Python1 0 0
Flangvik/thanatos
Mythic C2 agent targeting Linux and Windows hosts written in Rust
Language:Rust1 0 0
Flangvik/TokenStomp
C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic
Language:C#1 0 0
Flangvik/Apollo
A .NET Framework 4.0 Windows Agent
Flangvik/impacket
Impacket is a collection of Python classes for working with network protocols.
Language:Python0 01
Flangvik/Nemesis
An offensive data enrichment pipeline
Language:Python
Flangvik/RustHound-CE
Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
Flangvik/SharpC2-Docs
Language:Python0 0
Flangvik/Ubuntu-MacBook-Norwegian-keyboard
Ubuntu + Norwegian keyboard symbols for Macbook Pro keyboards