bigb0sss
OSWE | OSCE | OSCP | Lead Offensive Security Engineer - Pentesting, RedTeam, ExpDev, Application Security
\x90\x90
bigb0sss's Stars
optiv/ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
gloxec/CrossC2
generate CobaltStrike's cross-platform payload
anouarbensaad/vulnx
vulnx 🕷️ is an intelligent bot and shell that can perform automatic injection and help researchers detect security vulnerabilities in CMS systems. It can perform quick CMS security detection, information collection (including sub-domain name, IP address, country information, organizational information, time zone, etc.) and vulnerability scanning.
aahmad097/AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
mttaggart/OffensiveNotion
Notion as a platform for offensive operations
Tylous/ZipExec
A unique technique to execute binaries from a password protected zip
Tylous/Limelighter
A tool for generating fake code signing certificates or signing real ones
lightspin-tech/red-kube
Red Team K8S Adversary Emulation Based on kubectl
cyberark/kubeletctl
A client for kubelet
kmkz/Pentesting
Tricks for penetration testing
br-sn/CheekyBlinder
Enumerating and removing kernel callbacks using signed vulnerable drivers
optiv/Dent
A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
nikitastupin/param-miner-doc
Unofficial documentation for the great tool Param Miner
G0ldenGunSec/SharpTransactedLoad
Load .NET assemblies from memory while having them appear to be loaded from an on-disk location.
ch3rn0byl/AngryWindows
Modifies the Blue Screen of Death for 1909/20h1/20h2/21h1.
aahmad097/BadOutlook
(kinda) Malicious Outlook Reader
optiv/Microsoft365_devicePhish
A proof-of-concept script to conduct a phishing attack abusing Microsoft 365 OAuth Authorization Flow
gitjdm/dumper2020
Yet another LSASS dumper
optiv/rustyIron
rustyIron is a tool that takes advantage of functionality within Ivanti's MobileIron MDM solution to perform single-factor authentication attacks. rustyIron can locate the MobileIron MDM authentication endpoint, validate the authentication strategy of the environment, perform user enumeration, brute-force registration PIN values, and perform single-factor authentication attacks.
optiv/airCross
airCross is a tool that takes advantage of API functionality within VMWare's AirWatch MDM solution to perform single-factor authentication attacks. airCross can locate the AirWatch authentication endpoint, validate the authentication strategy of the environment, collect GroupID authentication values, conduct single-factor authentication, and, in some instances, perform user enumeration.
optiv/CVE-2020-15931
Netwrix Account Lockout Examiner 4.1 Domain Admin Account Credential Disclosure Vulnerability
calebsargent/GoProcDump
Golang version of SharpDump that can be used to extract LSASS or any other process. Provides token elevation prior to creating a dump of high-integrity processes.
ch3rn0byl/WinDbg-Extensions
optiv/BadOutlook
(kinda) Malicious Outlook Reader
h0useh3ad/LinkedinMama3
LinkedIn Employee Profile Scraper (Python3 version)
bigb0sss/all-about-appsec
All About Application Security (AAAS)
calebsargent/UninstallMinidumpLsass
Performs a Minidump of the LSASS process when passed as the program to uninstall using Windows InstallUtil.exe
waffl3ss/keybase-cs
Keybase Webhook notifications for CobaltStrike
alfarom256/lsassdump
x-a-n-d-e-r-k/browser-scripts
Collection of small JavaScript functions and scripts that can be used in the browser to interact with Lair