lapolis's Stars
matro7sh/BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
BushidoUK/Ransomware-Tool-Matrix
A resource containing all the tools each ransomware gang uses
SafeBreach-Labs/WindowsDowndate
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
ajpc500/BOFs
Collection of Beacon Object Files
fortra/No-Consolation
A BOF that runs unmanaged PEs inline
trustedsec/COFFLoader
N7WEra/BofAllTheThings
Creating a repository with all public Beacon Object Files (BoFs)
ricardojoserf/TrickDump
Dump lsass using only NTAPIs running 3 programs to create 3 JSON and 1 ZIP file... and generate the MiniDump later!
Ridter/atexec-pro
Fileless atexec, no more need for port 445
improsec/ImproHound
Identify the attack paths in BloodHound breaking your AD tiering
boh/RedCsharp
Collection of C# projects. Useful for pentesting and redteaming.
rasta-mouse/OST-C2-Spec
Open Source C&C Specification
H4NM/WhoYouCalling
Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
Tylous/FaceDancer
FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loading
praetorian-inc/goffloader
A Go implementation of Cobalt Strike style BOF/COFF loaders.
trustedsec/specula
ManuelBerrueta/FlowAnalyzer
FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).
synacktiv/SCCMSecrets
SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.
PaperMtn/lil-pwny
Fast offline auditing of Active Directory passwords using Python.
smokeme/airstrike
Sl-Sanda-Ru/Py-Fuscate
Obfuscate Python Programs
mlcsec/Graphpython
Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit
grahamhelton/USP
Establishes persistence on a Linux system by creating a udev rule that triggers the execution of a specified payload (binary or script)
Malcrove/SeamlessPass
A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
nixpal/shellsilo
SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the process of constructing and utilizing structures, assigning variables, and making system calls. With this tool, integrating strings into your shellcode and initializing Unicode strings has never been easier.
Dump-GUY/IDA_PHNT_TYPES
Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
referefref/sinon
Automation tool for Windows Deception Host Burn-In
Kudaes/CustomEntryPoint
Select any exported function in a DLL as the new DLL's entry point.
elastic/HexForge
This IDA plugin extends the functionality of the assembly and hex view. With this plugin, you can conveniently decode/decrypt/alter data directly from the IDA Pro interface.
Synzack/ludus_sccm
An Ansible collection that installs an SCCM deployment with optional configurations.