Pinned Repositories
clarion
The clarion call tells you if someone is logging into an AitM proxy that is proxying your M365 login page
CobaltNotion
A spin-off research project. Cobalt Strike x Notion collab 2022
CVE-2021-38699-Stored-XSS
Stored XSS in TastyIgniter v3.0.7 Restaurant CMS
CVE-2021-38817-Remote-OS-Command-Injection
Remote OS Command Injection in TastyIgniter v3.0.7 Sendmail Path field
cve-2022-33891
Apache Spark Shell Command Injection Vulnerability
PMAT-labs
Labs for Practical Malware Analysis & Triage
RustyProcessInjectors
Just some Rust process injector POCs, nothing weird.
ShadowSteal
Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation
SharpTokenFinder
C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
OffensiveNotion
Notion as a platform for offensive operations
HuskyHacks's Repositories
HuskyHacks/PMAT-labs
Labs for Practical Malware Analysis & Triage
HuskyHacks/SharpTokenFinder
C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
HuskyHacks/clarion
The clarion call tells you if someone is logging into an AitM proxy that is proxying your M365 login page
HuskyHacks/blue-jupyter
Jupyter Notebooks for the Blue Team
HuskyHacks/HuskyHacks
HuskyHacks/bsides-nashville-identity-crisis
Identity Crisis: Combating M365 Account Takeovers at Scale (BSides Nashville 2024)
HuskyHacks/cloudy-with-a-chance-of-malware
Terraform repo for "Cloudy with a Chance of Malware"
HuskyHacks/HuskyHacks.github.io
HuskyHacks/SandboxEvasion_BuildCommDCBAndTimeoutA
Sandbox evasion (probably?) via BuildCommDCBAndTimeoutA PoC
HuskyHacks/GraphSpy
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
HuskyHacks/pancakescon-2024
How to Combat Microsoft365 Account Takeovers (while you're not out Thru-Hiking the Appalachian Trail)
HuskyHacks/wtfbins
WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.
HuskyHacks/AWS-malware-lab
Creation of a laboratory for malware analysis in AWS
HuskyHacks/bsides-nyc-2024-when-apps-attack
Slides for BSidesNYC 2024 - "When Apps Attack: Hunting Traitorware and Rogue Microsoft 365 Apps at the Small to Medium Business Scale"
HuskyHacks/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
HuskyHacks/flare-vm
A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.
HuskyHacks/hardyharHAR
HuskyHacks/impacket
Impacket is a collection of Python classes for working with network protocols.
HuskyHacks/logformatter
logformatter
HuskyHacks/OffensiveNim
My experiments in weaponizing Nim (https://nim-lang.org/)
HuskyHacks/PynAuth
HuskyHacks/shell-setup
Repo for automating shell config on new machines
HuskyHacks/tricon-2024-identity-crisis
Slides for Identity Crisis from TricCon 2024
HuskyHacks/VM-Packages
HuskyHacks/GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
HuskyHacks/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
HuskyHacks/merlin-agent
HuskyHacks/replit-test
HuskyHacks/SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
HuskyHacks/Unprotect_Submission
Repository to publish your evasion techniques and contribute to the project