SV-ZeroOne's Stars
An0nUD4Y/Evilginx-Phishing-Infra-Setup
Evilginx Phishing Engagement Infrastructure Setup Guide
waelmas/frameless-bitb
A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and use with Evilginx.
mantvydasb/RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
Kudaes/ADPT
DLL proxying for lazy people
RedefiningReality/Cobalt-Strike
Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
thiagopeixoto/winsos-poc
A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.
RedSiege/GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
wh0amitz/SharpADWS
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
NoobieDog/TPM-Sniffing
A repo for TPM sniffing greatness
usdAG/FlowMate
FlowMate, a BurpSuite extension that brings taint analysis to web applications by tracking all parameters sent to a target application and matching their occurrences in the responses.
myshell-ai/OpenVoice
Instant voice cloning by MIT and MyShell.
TheCyb3rAlpha/BobTheSmuggler
"Bob the Smuggler": A tool that leverages the HTML Smuggling attack and allows you to create HTML files with embedded 7z/zip archives. The tool compresses your binary (EXE/DLL) into 7z/zip file format, then XOR-encrypts the archive and hides it inside a PNG/GIF image file (Image Polyglots).
LaresLLC/SuperSharpShares
SuperSharpShares is a tool designed to automate enumerating domain shares, allowing for quick verification of accessible shares by your associated domain account.
VoldeSec/PatchlessInlineExecute-Assembly
Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
msd0pe-1/cve-maker
Tool to find CVEs and Exploits.
HashPals/Name-That-Hash
🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥
bee-san/Ares
Automated decoding of encrypted text without knowing the key or ciphers used
Bw3ll/ROP_ROCKET
ROP ROCKET is an advanced code-reuse attack framework with extensive ROP chain generation capabilities, including for a novel Windows Syscalls attack, a novel Heaven's Gate, and "shellcodeless" ROP. The framework utilizes emulation and obfuscation to help expand the attack surface.
mandiant/ADFSpoof
KingOfTheNOPs/cookie-monster
BOF to steal browser cookies & credentials
Flangvik/TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
JPG0mez/ADCSync
Use ESC1 to perform a makeshift DCSync and dump hashes
werdhaihai/AtlasReaper
A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.
tastypepperoni/PPLBlade
Protected Process Dumper Tool
WKL-Sec/HiddenDesktop
HVNC for Cobalt Strike
knavesec/CredMaster
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
thefLink/RecycledGate
Hellsgate + Halosgate/Tartarosgate. Ensures that all system calls go through ntdll.dll
Pennyw0rth/NetExec
The Network Execution Tool
wavestone-cdt/EDRSandblast
ZeroMemoryEx/Overlord
Abusing the Process Hacker driver to terminate other processes (BYOVD)