Pinned Repositories
backdoorLnkMacroStagerObfuscated
Obfuscated PowerShell Empire 2.x stager that allows for creation of a macro which uses VBA to backdoor .lnk files on the system. This is done to obtain a shell via follow-up user interaction natively through PowerShell, in order to evade tools that monitor process execution. Backdoors are self-cleaning on execution.
DayBird
Extension functionality for the NightHawk operator client
GetWebDAVStatus
Determine if the WebClient Service (WebDAV) is running on a remote system
PowerPriv
A PowerShell implementation of PrivExchange designed to run under the current user's context
SharpSecDump
.NET port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py
SharpTransactedLoad
Load .NET assemblies from memory while having them appear to be loaded from an on-disk location.
wmiServSessEnum
.NET tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems
G0ldenGunSec's Repositories
G0ldenGunSec/SharpSecDump
.NET port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py
G0ldenGunSec/SharpTransactedLoad
Load .NET assemblies from memory while having them appear to be loaded from an on-disk location.
G0ldenGunSec/GetWebDAVStatus
Determine if the WebClient Service (WebDAV) is running on a remote system
G0ldenGunSec/PowerPriv
A PowerShell implementation of PrivExchange designed to run under the current user's context
G0ldenGunSec/wmiServSessEnum
.NET tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems
G0ldenGunSec/DayBird
Extension functionality for the NightHawk operator client
G0ldenGunSec/backdoorLnkMacroStagerObfuscated
Obfuscated PowerShell Empire 2.x stager that allows for creation of a macro which uses VBA to backdoor .lnk files on the system. This is done to obtain a shell via follow-up user interaction natively through PowerShell, in order to evade tools that monitor process execution. Backdoors are self-cleaning on execution.
G0ldenGunSec/backdoorLnkMacroStagerCellEmbed
PowerShell Empire 2.x stager that allows for creation of a macro which uses VBA to backdoor .lnk files on the system. This is done to obtain a shell via follow-up user interaction natively through PowerShell, in order to evade tools that monitor process execution. Data is embedded in .xls cells and called in the macro to evade detection. Backdoors are self-cleaning on execution.
G0ldenGunSec/PreliminaryBackdoorLnkMacroStager
Original testing version of the backdoorLnkMacroStager - please reference backdoorLnkMacroStagerObfuscated or backdoorLnkMacroStagerCellEmbed for current versions
G0ldenGunSec/Service-Executable-Permissions-Checker
G0ldenGunSec/CVE-2020-1472
Test tool for CVE-2020-1472
G0ldenGunSec/SharpLinkCreate
G0ldenGunSec/StandIn
StandIn is a small .NET35/45 AD post-exploitation toolkit
G0ldenGunSec/BloodHound
Six Degrees of Domain Admin
G0ldenGunSec/Covenant
Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.
G0ldenGunSec/Empire
Empire is a PowerShell and Python post-exploitation agent.
G0ldenGunSec/impacket
Impacket is a collection of Python classes for working with network protocols.
G0ldenGunSec/Rubeus
Trying to tame the three-headed dog.