Pinned Repositories
BeaconNotifier-Discord
Cobalt Strike CNA script to notify you via Discord whenever there is a new beacon.
BOF-patchit
An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 processes. Both syscalls and dynamic resolve versions are available.
CobaltStrikeReflectiveLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities.
PerunsFart-PPID
Userland API hooking bypass using PerunsFart, spawning the created process with a spoofed PPID
sleepmask_ekko_cfg
Code snippets to add on top of the Cobalt Strike sleepmask kit so that Ekko can work in a CFG-protected process
sleepmask_PatchlessHook
Code snippets to add on top of the Cobalt Strike sleep mask to achieve a patchless hook on AMSI and ETW
SuperSharpShooter
Payload Generation Framework
sw2-secinject
Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF
SysmonQuiet
RDLL for Cobalt Strike beacon to silence the Sysmon process
vba_bin_runner
Basic Python tool to generate a shellcode runner in VBA
ScriptIdiot's Repositories
ScriptIdiot/GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
ScriptIdiot/krbdump
A way to extract tickets in case I need to purge and restore tickets on the fly.
ScriptIdiot/krblist
Old post-ex for listing Kerberos tickets. A terribly written clone of `klist`
ScriptIdiot/ADCSCoercePotato
ScriptIdiot/atexec-pro
Fileless atexec, no more need for port 445
ScriptIdiot/awesome-injection
Centralized resource for listing and organizing known injection techniques and POCs
ScriptIdiot/bofhound
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
ScriptIdiot/bypass_uac_bof
An ordinary BOF used to bypass UAC
ScriptIdiot/crtsh
A Python script to get subdomains using https://crt.sh
ScriptIdiot/CsWhispers
Source generator to add D/Invoke and indirect syscall methods to a C# project.
ScriptIdiot/DictionShellcode
Encode shellcode into dictionary words for evasion and entropy reduction
ScriptIdiot/dll2shell
Convert compatible DLLs to shellcode with sRDI. I don't remember where this came from, so if you recognize the code, let me know and I'll provide credits.
ScriptIdiot/dropper
Project that generates a malicious macro-enabled Office dropper for DLL sideloading and embeds it in an LNK file to bypass MOTW
ScriptIdiot/evilginx2-TTPs
Reverse engineered to remove IOCs; added an Exchange Online Protection IP blacklist and Bing-bot user-agent blocking, DNS configuration and notes on usage.
ScriptIdiot/GPOddity
The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
ScriptIdiot/grimreaper
An improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedure Calls
ScriptIdiot/HackSpaceCon2024StackWorkshop
ScriptIdiot/hacktricks-training-GHActions
HackTricks Training ARTE GitHub Actions Exploit
ScriptIdiot/InjectKit
Modified versions of the Cobalt Strike Process Injection Kit
ScriptIdiot/IoDllProxyLoad
DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
ScriptIdiot/Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
ScriptIdiot/ms_scmr
Doing stuff to Windows services
ScriptIdiot/MultCheck
Identifies bad bytes from static analysis with any anti-virus scanner.
ScriptIdiot/NativeDump
Dump LSASS using only native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)
ScriptIdiot/SharpADWS
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
ScriptIdiot/SharpConflux
ScriptIdiot/sliver_dispatcher
Mass dispatch stuff on people because red vs blue
ScriptIdiot/SOAPHound
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.
ScriptIdiot/terminator_bof
An ordinary BOF
ScriptIdiot/UserManagerEoP