Pinned Repositories
CSharpSetThreadContext
C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread
EventLogParser
Parse PowerShell and Security event logs for sensitive information.
KittyLitter
Credential Dumper
ScatterBrain
Suite of Shellcode Running Utilities
SharpChromium
.NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins.
SharpLogger
Keylogger written in C#
SharpSearch
Search files for extensions as well as text within.
SharpShares
Enumerate all network shares in the current domain. Also, can resolve names to IP addresses.
SharpWeb
.NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.
WireTap
.NET 4.0 Project to interact with video, audio and keyboard hardware.
djhohnstein's Repositories
djhohnstein/HookDetector
Playing with PE's and Building Structures by Hand
djhohnstein/Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
djhohnstein/FOLIAGE
Public variation of FOLIAGE ( original developer )
djhohnstein/FilelessNtdllReflection
Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll, and trigger exported API from the export table
djhohnstein/AtlasReaper
A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.
djhohnstein/evilrdp
djhohnstein/FileLessRemoteShellcode
Run Fileless Remote Shellcode directly in memory with Module Unhooking , Module Stomping, No New Thread. This repository contains the TeamServer and the Stager
djhohnstein/HellHall
Performing Indirect Clean Syscalls
djhohnstein/localGPT
Chat with your documents on your local device using GPT models. No data leaves your device and 100% private.
djhohnstein/Mangle
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
djhohnstein/SharpAltShellCodeExec
Alternative Shellcode Execution Via Callbacks in C# with P/Invoke
djhohnstein/SharpDPAPI
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
djhohnstein/AdvSim.Cryptography
Simple and sane cryptographic wrapper library.
djhohnstein/all-MiniLM-L6-v2-tfjs
all-MiniLM-L6-v2-tfjs
djhohnstein/DCVC2
A Golang Discord C2 unlike any other. DCVC2 uses RTP packets over a voice channel to transmit all data leaving no operational traces in text chats.
djhohnstein/KrbRelay
Framework for Kerberos relaying
djhohnstein/PIVert
djhohnstein/ProxyObjects
A Proof-of-Concept implementation for Proxy Object Obfuscation in .NET
djhohnstein/themebleed
Proof-of-Concept for CVE-2023-38146 ("ThemeBleed")
djhohnstein/wireproxy
Wireguard client that exposes itself as a socks5 proxy
djhohnstein/CallStackMasker
A PoC implementation for dynamically masking call stacks with timers.
djhohnstein/DotNetTracer
C code to enable ETW tracing for Dotnet Assemblies
djhohnstein/Ekko
Sleep Obfuscation
djhohnstein/G0T-B0R3D
A bunch of code and scripts I wrote because I was bored.
djhohnstein/MalwareApiLibrary
collection of apis used in malware development
djhohnstein/misc
miscellaneous scripts and programs
djhohnstein/SilentMoonwalk
PoC Implementation of a fully dynamic call stack spoofer
djhohnstein/ThreadlessInject
Threadless Process Injection using remote function hooking.
djhohnstein/TitanLdr
Public variation of Titan Loader
djhohnstein/VehApiResolve