Kevin-Robertson's Stars
clong/DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
Findomain/Findomain
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
byt3bl33d3r/OffensiveNim
My experiments in weaponizing Nim (https://nim-lang.org/)
ComodoSecurity/openedr
Open EDR public repository
Hackndo/lsassy
Extract credentials from lsass remotely
topotam/PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
jthuraisamy/SysWhispers
AV/EDR evasion via direct system calls.
optiv/Freeze
Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
Mr-Un1k0d3r/SCShell
Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
matterpreter/OffensiveCSharp
Collection of Offensive C# Tooling
FuzzySecurity/Sharp-Suite
Also known by Microsoft as Knifecoat :hot_pepper:
nccgroup/SocksOverRDP
Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop
daem0nc0re/TangledWinExec
PoCs and tools for investigation of Windows process execution techniques
djhohnstein/SharpChromium
.NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins.
NUL0x4C/AtomLdr
A DLL loader with advanced evasive features
nyxgeek/onedrive_user_enum
onedrive user enumeration - pentest tool to enumerate valid o365 users
ZeroMemoryEx/Amsi-Killer
Lifetime AMSI bypass
G0ldenGunSec/SharpSecDump
.Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py
airbus-cert/Winshark
A wireshark plugin to instrument ETW
microsoft/WindowsProtocolTestSuites
⭐⭐Join us at sambaXP 2024 (Apr 17 - Apr 18)
bohops/UltimateWDACBypassList
A centralized resource for previously documented WDAC bypass techniques
outflanknl/SharpHide
Tool to create hidden registry keys.
0xthirteen/SharpMove
.NET Project for performing Authenticated Remote Execution
itm4n/PPLmedic
Dump the memory of any PPL with a Userland exploit chain
xforcered/StandIn
StandIn is a small .NET35/45 AD post-exploitation toolkit
citronneur/rdp-rs
Remote Desktop Protocol in RUST
rvrsh3ll/SharpSMBSpray
Spray a hash via smb to check for local administrator access
leechristensen/RequestAADRefreshToken
Sagar-Jangam/DNSUpdate
A python based script to update DNS entries in ADIDNS
etlownoise/xolo
Tool to crawl, visualize and interact with SQL server links in a d3 graph to help in your red/blue/purple/.../risk assessments pentest hacking team exercises.