Pinned Repositories
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
Amsi-Bypass-Powershell
This repo contains some Amsi Bypass methods i found on different Blog Posts.
c-sharp-memory-injection
A set of scripts that demonstrate how to perform memory injection in C#
CallObfuscator
Obfuscate specific windows apis with different apis
CasperStager
PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.
Covenant
Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.
CrackMapExec
A swiss army knife for pentesting networks
defcon27_csharp_workshop
Writing custom backdoor payloads with C# - Defcon 27
defcon_27_windbg_workshop
DEFCON 27 workshop - Modern Debugging with WinDbg Preview
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies from memory and runs them with parameters
attackdeveloper's Repositories
attackdeveloper/AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
attackdeveloper/Amsi-Bypass-Powershell
This repo contains some Amsi Bypass methods i found on different Blog Posts.
attackdeveloper/CallObfuscator
Obfuscate specific windows apis with different apis
attackdeveloper/CasperStager
PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.
attackdeveloper/Covenant
Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.
attackdeveloper/CrackMapExec
A swiss army knife for pentesting networks
attackdeveloper/defcon27_csharp_workshop
Writing custom backdoor payloads with C# - Defcon 27
attackdeveloper/defcon_27_windbg_workshop
DEFCON 27 workshop - Modern Debugging with WinDbg Preview
attackdeveloper/donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies from memory and runs them with parameters
attackdeveloper/EvilClippy
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
attackdeveloper/injectAllTheThings
Seven different DLL injection techniques in one single project.
attackdeveloper/injection
attackdeveloper/injection-1
Windows process injection methods
attackdeveloper/InjectProc
InjectProc - Process Injection Techniques [This project is not maintained anymore]
attackdeveloper/Internal-Monologue
Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
attackdeveloper/Offensive-Security-OSCP-Cheatsheets
OSCP Cheatsheets, Pentesting / Red Teaming Tools and Techniques
attackdeveloper/Rubeus
Trying to tame the three-headed dog.
attackdeveloper/SafetyKatz
SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader
attackdeveloper/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
attackdeveloper/Sharp-Suite
My musings with C#
attackdeveloper/SharpDPAPI
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
attackdeveloper/SharpDump
SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality.
attackdeveloper/SharpRoast
SharpRoast is a C# port of various PowerView's Kerberoasting functionality.
attackdeveloper/SharpShooter
Payload Generation Framework
attackdeveloper/SharpTask
SharpTask is a simple code set to interact with the Task Scheduler service api and is compatible with Cobalt Strike.
attackdeveloper/SharpUp
SharpUp is a C# port of various PowerUp functionality.
attackdeveloper/SharpWMI
SharpWMI is a C# implementation of various WMI functionality.
attackdeveloper/TikiTorch
Process Hollowing
attackdeveloper/Tokenvator
A tool to elevate privilege with Windows Tokens
attackdeveloper/vulcan
a tool to make it easy and fast to test various forms of injection