Pinned Repositories
Aggressor-Scripts
Aggregation of Cobalt Strike's aggressor scripts.
aggressor_scripts
A collection of useful scripts for Cobalt Strike
AggressorAssessor
Aggressor scripts for phases of a pen test or red team assessment
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
AggressorScripts-1
Aggressor scripts for use with Cobalt Strike 3.0+
AggressorScripts-2
AllTheThings
Includes 5 Known Application Whitelisting/ Application Control Bypass Techniques in One File.
ApplicationWhitelistBypassTechniques
A Catalog of Application Whitelisting Bypass Techniques
aquatone
A Tool for Domain Flyovers
ASPX-Shellcode-Caesar-Generator
ASPX Shellcode Ceasar Encrypted Generator is a Python script automating shellcode generation, embedding, encryption, and execution in an ASP.NET webshell for penetration testing. This tool streamlines tasks for OSEP challenges, creating encoded shellcodes using user-provided LHOST and LPORT, and setting up Metasploit handlers.
burnnotice's Repositories
burnnotice/ASPX-Shellcode-Caesar-Generator
ASPX Shellcode Ceasar Encrypted Generator is a Python script automating shellcode generation, embedding, encryption, and execution in an ASP.NET webshell for penetration testing. This tool streamlines tasks for OSEP challenges, creating encoded shellcodes using user-provided LHOST and LPORT, and setting up Metasploit handlers.
burnnotice/AutoMSF
AutoMSF is a Python script designed for fast generation and deployment of multiple types of Meterpreter reverse_https payloads. Created to aid in OSEP challenges and exams, it generates C#, EXE, VBS, and PS1 payloads, prepares obfuscated PowerShell commands for execution, and sets up a Metasploit listener for incoming connections.
burnnotice/AWS-Threat-Simulation-and-Detection
Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic
burnnotice/azureOutlookC2
Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.
burnnotice/Beta
Beta versions of my software
burnnotice/BinXORer
This script automates the process of generating, encrypting, and injecting reverse HTTPS shellcode into a C# program. It further compiles the updated code and sets up a Metasploit listener for incoming connections. Designed for cybersecurity research and penetration testing purposes.
burnnotice/bridgecrew-action
This Github Action runs Bridgecrew against an Infrastructure-as-Code repository. Bridgecrew performs static security analysis of Terraform & CloudFormation Infrastructure code.
burnnotice/Burp-Suite-Certified-Practitioner-Exam-Study
Burp Suite Certified Practitioner Exam Study
burnnotice/checkov
Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
burnnotice/EDRSandblast
burnnotice/endgame
An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈
burnnotice/InvisibilityCloak
Proof-of-concept obfuscation toolkit for C# post-exploitation tools
burnnotice/KerberOPSEC
OPSEC safe Kerberoasting in C#
burnnotice/KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
burnnotice/Kubernetes-Certified-Administrator
Online resources that will help you prepare for taking the CNCF CKA 2020 "Kubernetes Certified Administrator" Certification exam. with time, This is not likely the comprehensive up to date list - please make a pull request if there something that should be added here.
burnnotice/nmap-bootstrap-xsl
A Nmap XSL implementation with Bootstrap.
burnnotice/ocd-mindmaps
Orange Cyberdefense mindmaps
burnnotice/OffensivePipeline
OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.
burnnotice/OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
burnnotice/P5hellG3n
This script generates a PowerShell reverse shell command that bypasses execution policies and is base64 encoded. The generated shell command establishes a TCP connection to a provided IP and port, and executes any received commands. This script can be useful in penetration testing scenarios where shell access to a target machine is required.
burnnotice/pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
burnnotice/policy_sentry
IAM Least Privilege Policy Generator
burnnotice/PrintNightmare
burnnotice/racketeer
burnnotice/RedWarden
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
burnnotice/ScoutSuite
Multi-Cloud Security Auditing Tool
burnnotice/send
Simple, private file sharing from the makers of Firefox
burnnotice/SharpTerminator
Terminate AV/EDR Processes using kernel driver
burnnotice/StopDefender
Stop Windows Defender programmatically
burnnotice/VBS-Macro-XOR-Generator
VBS-Macro-XOR-Generator is a Python tool for XOR+Ceasar encoding of shellcodes for penetration testing. It automates payload generation, modification, encoding, and sets up a Metasploit handler, ideal for OSEP challenges and exams.