Pinned Repositories
ADModule
Microsoft signed ActiveDirectory PowerShell module
Barcode
BetterXencrypt
A better version of Xencrypt. Xencrypt itself is a PowerShell runtime crypter designed to evade AVs.
BucketLoot
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
cdnstrip
Stripping CDN IPs from a list of IP addresses
Coercer
A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.
directInjectorPOC
Small POC written in C# that performs shellcode injection on x64 processes using direct syscalls as a way to bypass user-land EDR hooks.
Dnsrr
DNSrr is a tool written in bash, used to enumerate all the juicy stuff from DNS.
Invoke-ReflectivePEInjection.ps1
Win10 - Updated
charnim's Repositories
charnim/Barcode
charnim/BetterXencrypt
A better version of Xencrypt. Xencrypt itself is a PowerShell runtime crypter designed to evade AVs.
charnim/BucketLoot
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
charnim/BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
charnim/cdnstrip
Stripping CDN IPs from a list of IP addresses
charnim/Coercer
A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.
charnim/Dnsrr
DNSrr is a tool written in bash, used to enumerate all the juicy stuff from DNS.
charnim/DNSUpdate
A Python-based script to update DNS entries in ADIDNS
charnim/ExampleContainers
Examples of various container types for Python and Golang
charnim/Farmer
charnim/hardcidr
hardCIDR is a Linux Bash script, but also functions under macOS. Your mileage may vary on other distros. The script with no specified options will query ARIN and a pool of BGP route servers. The route server is selected at random at runtime.
charnim/havoc-docker
Docker for Havoc C2
charnim/havoc2nginx
havoc2nginx is a simple Python script that converts Havoc Framework's yaotl malleable C2 profile to Nginx configuration file format. Most of the code and the configuration of this project came from the cs2modrewrite project (https://github.com/threatexpress/cs2modrewrite) from Joe Vest and Andrew Chiles. All credits to them.
charnim/HtmlSmuggling
HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page. The malicious script decodes and deploys the payload on the targeted device when the victim opens/clicks the HTML attachment/link. The HTML smuggling technique leverages legitimate HTML5 and JavaS
charnim/InsightEngineering
charnim/ipfuscator
A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representations in Go.
charnim/Junk
charnim/lnkbomb
Malicious shortcut generator for collecting NTLM hashes from insecure file shares.
charnim/MSSqlPwner
charnim/phpfm
phpFileManager is a complete filesystem management tool in a single file. This is a tool meant for rapid file access, and also to verify the server's PHP configuration and security. The script can be renamed and deployed on a unique known URL, and offers password protection.
charnim/ProtectMyTooling
Multi-Packer allowing to daisy-chain over 29 packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.
charnim/s3-account-search
S3 Account Search
charnim/SharpGPOAbuse
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
charnim/shellcode-rs
Rust shellcode runner
charnim/SilentHound
Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.
charnim/Spartacus
Spartacus DLL Hijacking Discovery Tool
charnim/sysplant
Your syscall factory
charnim/Web-App-Pentest-Checklist
An OWASP-Based Checklist With 500+ Test Cases
charnim/WTSRM2
charnim/XMCredentialsDecryptor