healtheedom's Repositories
healtheedom/AuthzAI
healtheedom/bloodhound-quickwin
Simple script to extract useful information from the combo BloodHound + Neo4j
healtheedom/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
healtheedom/cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
healtheedom/Cobalt-Strike
Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
healtheedom/Codecepticon
.NET/PowerShell/VBA Offensive Security Obfuscator
healtheedom/conti_locker
Conti Locker source code
healtheedom/CS-Situational-Awareness-BOF
Situational Awareness commands implemented using Beacon Object Files
healtheedom/CVE-2023-4863
healtheedom/DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
healtheedom/DavRelayUp
DavRelayUp - a universal no-fix local privilege escalation in domain-joined Windows workstations where LDAP signing is not enforced (the default settings).
healtheedom/DownloadTest
healtheedom/DPAT
Domain Password Audit Tool for Pentesters
healtheedom/EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
healtheedom/evilginx2-TTPs
Reverse engineered to remove IOCs, added Exchange Online Protection IP blacklist and bing-bot user-agent blocking, DNS configuration and notes on usage.
healtheedom/Farmer
healtheedom/Freeze
Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
healtheedom/GamingServiceEoP
healtheedom/InlineExecute-Assembly
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in-process .NET assembly execution as an alternative to Cobalt Strike's traditional fork-and-run execute-assembly module
healtheedom/KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings).
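Both DavRelayUp and KrbRelayUp above depend on the same precondition: a domain controller that still accepts unsigned LDAP binds. The snippet below is an added example for checking that precondition on a DC; it is not code from either project. It reads the documented NTDS registry values behind the "Domain controller: LDAP server signing requirements" and LDAP channel binding policies and looks for event 2887, which a DC writes to the Directory Service log while it is still accepting unsigned or simple binds. Running it on each DC, or wrapping it in Invoke-Command against your own DC list, is left to the reader.

```powershell
# Added example (not part of KrbRelayUp/DavRelayUp): run on a domain controller to see
# whether the relay precondition "LDAP signing not enforced" is present.
$ntds = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'
$p = Get-ItemProperty -Path $ntds -ErrorAction Stop

# LDAPServerIntegrity: absent or 1 = signing negotiated but not required (the default),
# 2 = signing required (the setting that breaks LDAP relay to this DC).
$signing = if ($p.PSObject.Properties['LDAPServerIntegrity']) { [int]$p.LDAPServerIntegrity } else { 1 }

# LdapEnforceChannelBinding: absent or 0 = never (default), 1 = when supported, 2 = always.
# Channel binding covers LDAPS; signing covers plain LDAP, so both matter.
$cbt = if ($p.PSObject.Properties['LdapEnforceChannelBinding']) { [int]$p.LdapEnforceChannelBinding } else { 0 }

[pscustomobject]@{
    DomainController         = $env:COMPUTERNAME
    LdapSigningRequired      = ($signing -eq 2)
    ChannelBindingEnforced   = ($cbt -eq 2)
    RelayPreconditionPresent = ($signing -ne 2)
}

# Event 2887 is logged (roughly daily) by a DC that accepted unsigned or simple binds in the
# previous period. Entries here mean clients are still binding without signing, i.e. the same
# clients that would need fixing before flipping LDAPServerIntegrity to 2.
Get-WinEvent -FilterHashtable @{ LogName = 'Directory Service'; Id = 2887 } -MaxEvents 5 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message
```

If RelayPreconditionPresent is true on any DC, the fix is the policy "Domain controller: LDAP server signing requirements" set to "Require signing" (LDAPServerIntegrity = 2) plus LdapEnforceChannelBinding = 2, applied after the 2887 evidence shows no remaining unsigned clients.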
healtheedom/Mangle
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
healtheedom/MSRPC-to-ATTACK
A repository that maps commonly used attacks using MSRPC protocols to ATT&CK
healtheedom/Mythic
A collaborative, multi-platform, red teaming framework
healtheedom/ntlmrelayx.py_to_exe
healtheedom/PackMyPayload
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
healtheedom/ProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Features artifact watermarking, IOC collection & PE backdooring. You feed it your implant, it does a lot of sneaky things and spits out an obfuscated executable.
healtheedom/random_c2_profile
Cobalt Strike random C2 Profile generator
healtheedom/Red-team-Interview-Questions
Red team Interview Questions
healtheedom/Snaffler
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
healtheedom/SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.