Pinned Repositories
BeaconNotifier-Discord
Cobalt Strike CNA script to notify you via Discord whenever there is a new beacon.
BOF-patchit
An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 processes. Both syscall and dynamic-resolve versions are available.
CobaltStrikeReflectiveLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities.
PerunsFart-PPID
Userland API hooking bypass using PerunsFart, spawning the created process with a spoofed PPID
sleepmask_ekko_cfg
Code snippets to add on top of the Cobalt Strike sleepmask kit so that ekko can work in a CFG-protected process
sleepmask_PatchlessHook
Code snippets to add on top of the Cobalt Strike sleep mask to achieve a patchless hook on AMSI and ETW
SuperSharpShooter
Payload Generation Framework
sw2-secinject
Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF
SysmonQuiet
RDLL for Cobalt Strike beacon to silence the Sysmon process
vba_bin_runner
Basic Python tools to generate a shellcode runner in VBA
ScriptIdiot's Repositories
ScriptIdiot/agartha
A Burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi); it creates an access matrix based on user sessions to spot authentication/authorization issues, converts HTTP requests to JavaScript for further XSS exploitation, and more.
ScriptIdiot/BOF_NativeAPI_Definitions-VSCode
A VSCode plugin to assist with BOF development.
ScriptIdiot/pumpbin
🎃 PumpBin is an Implant Generation Platform.
ScriptIdiot/Upload_Bypass
A simple tool for bypassing file upload restrictions.
ScriptIdiot/badger-builder
badger-builder is an AI-assisted tool for generating dynamic Brute Ratel C4 profiles
ScriptIdiot/bof-collection-2
ScriptIdiot/bof-modules
BOF for C2 framework
ScriptIdiot/burrow
Burrow is a globally distributed HTTP proxy via AWS Lambda
ScriptIdiot/Carbuncle
Tool for interacting with outlook interop during red team engagements
ScriptIdiot/CerealKiller
.NET deserialization hunter
ScriptIdiot/codasm
Payload encoding utility to effectively lower payload entropy.
ScriptIdiot/createdump
Leverage the WindowsApp createdump tool to obtain an LSASS dump
ScriptIdiot/CVE-2023-24871
PoCs & exploit for CVE-2023-24871 (RCE + LPE)
ScriptIdiot/DojoLoader
Generic PE loader for fast prototyping evasion techniques
ScriptIdiot/Drop-Pi
This is a collection of tools that make up what we call a "Drop-Pi", primarily used as a quick placement device during a physical/social engineering penetration test.
ScriptIdiot/exploit-notes
Sticky notes for pentesting, bug bounty, CTF.
ScriptIdiot/Frida-Script-Runner
Frida Script Runner is a versatile web-based tool designed for Android and iOS penetration testing purposes.
ScriptIdiot/gigaproxy
One proxy to rule them all
ScriptIdiot/GlobalUnProtect
Decrypt GlobalProtect configuration and cookie files.
ScriptIdiot/LdapSignCheck
Beacon Object File & C# project to check LDAP signing
ScriptIdiot/linux-entra-sso
Browser plugin for Linux to SSO on Microsoft Entra ID using a locally running Microsoft identity broker (Intune).
ScriptIdiot/msiscan
Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
ScriptIdiot/NtDumpBOF
ScriptIdiot/OperatorsKit
Collection of Beacon Object Files (BOF) for Cobalt Strike
ScriptIdiot/pdfdropper
PDF dropper Red Team Scenarios
ScriptIdiot/PPLrevenant
Bypass LSA protection using the BYODLL technique
ScriptIdiot/ProxyDll
beta
ScriptIdiot/SCCMSecrets
SCCMSecrets.py aims at exploiting SCCM policy distribution for credential harvesting, initial access and lateral movement.
ScriptIdiot/smbtakeover
BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
ScriptIdiot/thread_namecalling
Process Injection using Thread Name