Pinned Repositories
adidnsdump
Active Directory Integrated DNS dumping by any authenticated user
AHNLab-0day
AHNLab 0day, LPE
apc-research
APC Internals Research Code
BadPotato
Windows privilege escalation BadPotato
Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
CrossInject
x86/x64 dll injector
DarkLoadLibrary
LoadLibrary for offensive operations
DotNetHook
A hook proof of concept with no native dependencies. Hook both .NET methods (even framework methods) and Native methods entirely in .NET.
DynamicWrapperEx
x64 Registration-Free In-Process COM Automation Server.
GadgetToJScript
A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
devbabygo's Repositories
devbabygo/adidnsdump
Active Directory Integrated DNS dumping by any authenticated user
devbabygo/apc-research
APC Internals Research Code
devbabygo/BadPotato
Windows privilege escalation BadPotato
devbabygo/Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
devbabygo/CrossInject
x86/x64 dll injector
devbabygo/DarkLoadLibrary
LoadLibrary for offensive operations
devbabygo/DynamicWrapperEx
x64 Registration-Free In-Process COM Automation Server.
devbabygo/GadgetToJScript
A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
devbabygo/Invisi-Shell
Hide your PowerShell script in plain sight. Bypass all PowerShell security features
devbabygo/ketshash
A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.
devbabygo/MemoryModulePP
MemoryModule which is compatible with the Win32 API and supports exception handling
devbabygo/MonkeyWorks
devbabygo/NetNTLMtoSilverTicket
SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket
devbabygo/pingcastle
PingCastle - Get Active Directory Security at 80% in 20% of the time
devbabygo/PrintSpoofer
Abusing Impersonation Privileges on Windows 10 and Server 2019
devbabygo/RedPeanut
RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.
devbabygo/ScyllaHideDetector2
Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.
devbabygo/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
devbabygo/SessionGopher
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
devbabygo/shad0w
A post exploitation framework designed to operate covertly on heavily monitored environments
devbabygo/SharpAdidnsdump
C# implementation of Active Directory Integrated DNS dumping (authenticated user)
devbabygo/SharpDPAPI
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
devbabygo/SharpHandler
devbabygo/SharpHound3
C# Data Collector for the BloodHound Project, Version 3
devbabygo/SharpKatz
Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
devbabygo/SharpSecDump
.Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py
devbabygo/SharpWeb
.NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.
devbabygo/SILENTTRINITY
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
devbabygo/SocksServerCore
devbabygo/vue-json-edit
Visual JSON editor built as a Vue component. Provides a basic GUI