helo86's Stars
nickvourd/Supernova
Real fucking shellcode encryptor & obfuscator tool
RedSiege/Chromatophore
Utilities for obfuscating shellcode
Orange-Cyberdefense/GOAD
game of active directory
StevenBlack/hosts
🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
N7WEra/BofAllTheThings
Creating a repository with all public Beacon Object Files (BoFs)
chan2git/elastic-detection-lab
This repository serves as a comprehensive recap and detailed write-up showcasing the successful completion and in-depth understanding of TCM Security's course: Detection Engineering for Beginners.
xforcered/BokuLoader
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
icyguider/LightsOut
Generate an obfuscated DLL that will disable AMSI & ETW
S3cur3Th1sSh1t/Amsi-Bypass-Powershell
This repo contains some Amsi Bypass methods I found on different Blog Posts.
CCob/SharpBlock
A method of bypassing EDR's active projection DLLs by preventing entry point execution
VoldeSec/PatchlessCLRLoader
.NET assembly loader with patchless AMSI and ETW bypass
VoldeSec/PatchlessInlineExecute-Assembly
Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
anthemtotheego/InlineExecute-Assembly
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in-process .NET assembly execution as an alternative to Cobalt Strike's traditional fork and run execute-assembly module
eladshamir/Whisker
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.
0xsp-SRD/MDE_Enum
comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges
gh0x0st/Get-ReverseShell
A solution to create obfuscated reverse shells for PowerShell.
0xJs/CARTP-cheatsheet
Azure AD cheatsheet for the CARTP course
MultSec/MultCheck
Identifies bad bytes from static analysis with any Anti-Virus scanner.
M507/BlueDucky
A blue-team tool, creates a list of USB-Rubber-Ducky instructions.
pentestfunctions/BlueDucky
🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)
Hubbl3/ThreatCheck
Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.
SikretaLabs/BlueMap
An Azure Exploitation Toolkit for Red Team & Pentesters
bettercap/bettercap
The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
GoSecure/pywsus
Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.
GoSecure/WSuspicious
WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations
varwara/CVE-2024-21338
PoC for the Untrusted Pointer Dereference in the appid.sys driver
abankalarm/ReHacks
This repo will house materials for ReHacks.live
lab52io/LeakedHandlesFinder
Leaked Windows processes handles identification tool
apmorton/teensy-template
Teensy 3.X Project Template
lefayjey/linWinPwn
linWinPwn is a bash script that streamlines the use of a number of Active Directory tools