fyoder's Stars
Microwave89/createuserprocess
Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
am0nsec/vx
Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.
jjyg/metasm
This is the main repository for metasm, a free assembler / disassembler / compiler written in ruby
jthuraisamy/SysWhispers
AV/EDR evasion via direct system calls.
xan7r/Misc
homjxi0e/ReaCOM
ReaCOM has got a lot of tools to use and is related to component object model
d35ha/CallObfuscator
Obfuscate specific windows apis with different apis
cobbr/SharpSploit
SharpSploit is a .NET post-exploitation library written in C#
infosecn1nja/MaliciousMacroMSBuild
Generates Malicious Macro and Execute Powershell or Shellcode via MSBuild Application Whitelisting Bypass.
infosecn1nja/AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
bitsadmin/wesng
Windows Exploit Suggester - Next Generation
FuzzySecurity/Sharp-Suite
Also known by Microsoft as Knifecoat :hot_pepper:
cobbr/Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
icebearfriend/deckbuilder
Cobalt Strike cna script for randomized argument spoofing
bitsadmin/nopowershell
PowerShell rebuilt in C# for Red Teaming purposes
FSecureLABS/SharpGPOAbuse
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
HarmJ0y/TrustVisualizer
Python script that takes new output from Get-DomainTrustMapping .csvs and outputs graphml. Based on DomainTrustExplorer.
pkb1s/SharpAllowedToAct
Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)
Und3rf10w/Aggressor-scripts
Aggressor scripts I've made for Cobalt Strike