kibercthulhu

kibercthulhu's Stars

• carlospolop/PEASS-ng

  PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

  Language:C#14.7k2251772.9k

• zeek/zeek

  Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

  Language:C++6.2k3531.4k1.2k

• microsoft/Detours

  Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.

  Language:C++5k167154980

• ElevenPaths/FOCA

  Tool to find metadata and hidden information in the documents.

  Language:C#2.8k14159533

• hfiref0x/KDU

  Kernel Driver Utility

  Language:C1.8k6766419

• Accenture/Spartacus

  Spartacus DLL/COM Hijacking Toolkit

  Language:C#963215129

• login-securite/DonPAPI

  Dumping DPAPI credz remotely

  Language:Python8541729104

• TrimarcJake/Locksmith

  A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.

  Language:PowerShell768133072

• Cracked5pider/ShellcodeTemplate

  An easily modifiable shellcode template for Windows x64/x86

  Language:C710161119

• klezVirus/SilentMoonwalk

  PoC Implementation of a fully dynamic call stack spoofer

  Language:C++62611194

• redteamsocietegenerale/DLLirant

  DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.

  Language:C#4609040

• wbenny/KSOCKET

  KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK

  Language:C449159128

• Maldev-Academy/HellHall

  Performing Indirect Clean Syscalls

  Language:C4238162

• trustedsec/orpheus

  Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types

  Language:Python3579144

• Coldzer0/ReverseSock5Proxy

  A tiny Reverse Sock5 Proxy written in C :V

  Language:C3078141

• MWR-CyberSec/PXEThief

  PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configuration Manager

  Language:Python2735232

• tyranid/WindowsRpcClients

  This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System from 7 to Windows 10.

  Language:C#26811051

• jaredcatkinson/PSReflect-Functions

  Module to provide PowerShell functions that abstract Win32 API functions

  Language:PowerShell23425760

• blasty/lexmark

  Language:Python1978250

• D1rkMtr/FilelessNtdllReflection

  Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll, and trigger exported API from the export table

  Language:C++17228

• SikretaLabs/BlueMap

  A Azure Exploitation Toolkit for Red Team & Pentesters

  Language:Python1474025

• enkomio/BrokenFlow

  A simple PoC to invoke an encrypted shellcode by using an hidden call

  Language:Assembly1154022

• bohops/RogueAssemblyHunter

  Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.

  Language:C#1134210

• dosxuz/PerunsFart

  This is my own implementation of the Perun's Fart technique by Sektor7

  Language:C++621013

• DallasFR/WalkerGate

  Find syscall

  Language:C5712

• humio/security_monitoring

  385012

• stufus/parse-mimikatz-log

  A relatively flexible tool to parse mimikatz output

  Language:Python354013

• 0xTriboulet/ZeroTotal

  A collection of source code, binaries, and compilation scripts designed to bypass detection

  Language:Rust26203

• MWR-CyberSec/configmgr-cryptderivekey-hashcat-module

  Hashcat module that can crack a password used to derive an AES-128 key with CryptDeriveKey from CryptoAPI

  Language:C19014

• EvanMcBroom/w32t-client

  An example MS-W32T client to show how to use midl.exe in a project managed by CMake

  Language:C++9100