helo86's Stars
cyberark/PipeViewer
A tool that shows detailed information about named pipes in Windows
Xre0uS/MultiDump
MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
EvilGreys/Disable-Windows-Defender-
Disable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)
justakazh/DockerExploit
Docker Remote API Scanner and Exploit
fin3ss3g0d/NativeThreadpool
Work, timer, and wait callback example using solely Native Windows APIs.
Slowerzs/ThievingFox
nicocha30/ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
m8r1us/PlansWithinPlans
This tool was created for the article: "An Exploration of AV Evasion Techniques". The script was made for educational reasons to demonstrate basic evasion techniques.
mdsecactivebreach/SharpShooter
Payload Generation Framework
BC-SECURITY/Moriarty
Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in Windows environments.
S3cur3Th1sSh1t/PowerSharpPack
Acceis/unisec
Unicode Security Toolkit
radhasec/xss_payload
S3cur3Th1sSh1t/SharpImpersonation
A User Impersonation tool - via Token or Shellcode injection
gtworek/PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
dmcxblue/SharpGhostTask
A C# port from Invoke-GhostTask
hackerhouse-opensource/Stinger
CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as Administrator.
weaselsec/GodPotato-Aggressor-Script
emrekybs/AD-AssessmentKit
Contains a collection of Bash scripts designed for comprehensive security audits and network mapping of Active Directory (AD) environments. The scripts automate various tasks including LDAP querying, Kerberos ticket analysis, SMB enumeration, and exploitation of known vulnerabilities like Zerologon and PetitPotam.
lap1nou/CLR_Heap_encryption
hackerhouse-opensource/SignToolEx
Patching "signtool.exe" to accept expired certificates for code-signing.
hackerhouse-opensource/Artillery
CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator.
jstrosch/sclauncher
A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files from shellcode.
MalwareTech/EDRception
A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
hackerhouse-opensource/Marble
The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.
mandiant/SharPersist
S1lkys/SharpKiller
Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8
DebugPrivilege/InsightEngineering
Hardcore Debugging
mvelazc0/defcon27_csharp_workshop
Writing custom backdoor payloads with C# - Defcon 27 Workshop
Flangvik/ObfuscatedSharpCollection
Attempt at an obfuscated version of SharpCollection