Pinned Repositories
KeeThief
Methods for attacking KeePass 2.X databases, including extraction of encryption key material from memory.
Rubeus
Trying to tame the three-headed dog.
Seatbelt
Seatbelt is a C# project that performs a number of security-oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
ASREPRoast
Project that retrieves crackable hashes from KRB5 AS-REP responses for users without Kerberos preauthentication enabled.
CheatSheets
Cheat sheets for various projects.
DAMP
The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
PowerUp
This version of PowerUp is now unsupported. See https://github.com/Veil-Framework/PowerTools/tree/master/PowerUp for the most current version.
TrustVisualizer
Python script that takes new output from Get-DomainTrustMapping .csvs and outputs graphml. Based on DomainTrustExplorer.
HarmJ0y's Repositories
HarmJ0y/DAMP
The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
HarmJ0y/TrustVisualizer
Python script that takes new output from Get-DomainTrustMapping .csvs and outputs graphml. Based on DomainTrustExplorer.
HarmJ0y/pylnker
This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.
HarmJ0y/PowerShellArsenal
A PowerShell Module Dedicated to Reverse Engineering
HarmJ0y/red_team_tool_countermeasures
HarmJ0y/SharpMove
.NET Project for performing Authenticated Remote Execution
HarmJ0y/ATPMiniDump
Evading WinDefender ATP credential-theft
HarmJ0y/InlineExecute-Assembly
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in-process .NET assembly execution as an alternative to Cobalt Strike's traditional fork and run execute-assembly module.
HarmJ0y/Ps-Tools
Ps-Tools, an advanced process monitoring toolkit for offensive operations
HarmJ0y/GhostLoader
GhostLoader - AppDomainManager - Injection - Ghost in the Shell
HarmJ0y/IndicatorOfCanary
Canary Detection
HarmJ0y/RdpThief
Extracting Clear Text Passwords from mstsc.exe using API Hooking.
HarmJ0y/SharpSphere
.NET Project for Attacking vCenter
HarmJ0y/PEzor
Open-Source PE Packer
HarmJ0y/Recon-AD
Recon-AD, an AD recon tool based on ADSI and reflective DLLs
HarmJ0y/Dumpert
LSASS memory dumper using direct system calls and API unhooking.
HarmJ0y/sRDI
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position-independent shellcode.
HarmJ0y/WMIReg
PoC to interact with local/remote registry hives through WMI
HarmJ0y/Zipper
Zipper, a CobaltStrike file and folder compression utility.
HarmJ0y/cypher_validator
Simple Python validator for Cypher query syntax.
HarmJ0y/GetInjectedThreads
C# Implementation of Jared Atkinson's Get-InjectedThread.ps1
HarmJ0y/faxhell
A Bind Shell Using the Fax Service and a DLL Hijack
HarmJ0y/GadgetToJScript
A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
HarmJ0y/BloodHound
Six Degrees of Domain Admin
HarmJ0y/BOF.NET
A .NET Runtime for Cobalt Strike's Beacon Object Files
HarmJ0y/chronology
SpecterOps Historical Records
HarmJ0y/visualstudio-docs
This repo is the home of the official Visual Studio, Visual Studio for Mac, Visual Studio Subscriptions, and Scripting Technologies documentation for Microsoft.
HarmJ0y/counterfit
A CLI that provides a generic automation layer for assessing the security of ML models
HarmJ0y/ExploitRemotingService
A tool to exploit .NET Remoting Services
HarmJ0y/CypherK9