Pinned Repositories
BeaconNotifier-Discord
Cobalt Strike CNA script to notify you via Discord whenever there is a new beacon.
BOF-patchit
An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 processes. Both syscalls and dynamic resolve versions are available.
CobaltStrikeReflectiveLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities.
PerunsFart-PPID
Userland API hooking bypass using PerunsFart, spawning the created process with a spoofed PPID
sleepmask_ekko_cfg
Code snippets to add on top of the Cobalt Strike sleepmask kit so that ekko can work in a CFG-protected process
sleepmask_PatchlessHook
Code snippets to add on top of the Cobalt Strike sleep mask to achieve a patchless hook on AMSI and ETW
SuperSharpShooter
Payload Generation Framework
sw2-secinject
Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF
SysmonQuiet
RDLL for Cobalt Strike beacon to silence sysmon process
vba_bin_runner
Basic Python tools to generate a shellcode runner in VBA
ScriptIdiot's Repositories
ScriptIdiot/CobaltStrikeReflectiveLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities.
ScriptIdiot/HadesLdr
Shellcode Loader Implementing Indirect Dynamic Syscall, API Hashing, Fileless Shellcode retrieving using Winsock2
ScriptIdiot/Azure-Red-Team
Azure Security Resources and Notes
ScriptIdiot/CloudHunter
AWS, Azure, Alibaba and Google bucket scanner
ScriptIdiot/cs2br-bof
ScriptIdiot/evilqr
Proof-of-concept to demonstrate dynamic QR swap phishing attacks in practice.
ScriptIdiot/Night_Walker
ScriptIdiot/nuclei-fuzzing-templates
Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
ScriptIdiot/ShellGhost
A memory-based evasion technique which makes shellcode invisible from process start to end.
ScriptIdiot/adconnectdump
Dump Azure AD Connect credentials for Azure AD and Active Directory
ScriptIdiot/Caro-Kann
Encrypted shellcode Injection to avoid Kernel triggered memory scans
ScriptIdiot/CodeCave
A bunch of scripts and code I wrote.
ScriptIdiot/DllNotificationInjection
A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.
ScriptIdiot/dns-exfil-test
ScriptIdiot/dylibHijackScanner
Objective-C dylibHijackScanner and analysis tool
ScriptIdiot/hwbp4mw
ScriptIdiot/KRBUACBypass
UAC Bypass By Abusing Kerberos Tickets
ScriptIdiot/Malleable-CS-Profiles
A list of Python tools to help create an OPSEC-safe Cobalt Strike profile.
ScriptIdiot/MemFiles
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
ScriptIdiot/MFASweep
A tool for checking if MFA is enabled on multiple Microsoft Services
ScriptIdiot/MMSF
Massive Mobile Security Framework
ScriptIdiot/OktaPostExToolkit
ScriptIdiot/PassTheCert
Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
ScriptIdiot/POSTDump
ScriptIdiot/RagingRotator
A tool for carrying out brute force attacks against Office 365, with built-in IP rotation using AWS gateways.
ScriptIdiot/RandomTSScripts
Collection of random RedTeam scripts.
ScriptIdiot/self_delete_bof
BOF implementation of the delete-self PoC that deletes a locked executable or a currently running file from disk by its pid, path, or the current process.
ScriptIdiot/ShadowRDP
ScriptIdiot/Spartacus
Spartacus DLL/COM Hijacking Toolkit
ScriptIdiot/SspiUacBypass
Bypassing UAC with SSPI Datagram Contexts