Pinned Repositories
cpuid
A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
DefenderCheck
Identifies the bytes that Microsoft Defender flags on.
FindETWProviderImage
Quickly search for references to a GUID in DLLs, EXEs, and drivers
getDA.sh
Identify common attack paths to get Domain Administrator
OffensiveCSharp
Collection of Offensive C# Tooling
SHAPESHIFTER
Companion PoC for the "Adventures in Dynamic Evasion" blog post
Shhmon
Neutering Sysmon via driver unload
spotter
Targeted Payload Execution
matterpreter's Repositories
matterpreter/DefenderCheck
Identifies the bytes that Microsoft Defender flags on.
matterpreter/OffensiveCSharp
Collection of Offensive C# Tooling
matterpreter/Shhmon
Neutering Sysmon via driver unload
matterpreter/SHAPESHIFTER
Companion PoC for the "Adventures in Dynamic Evasion" blog post
matterpreter/spotter
Targeted Payload Execution
matterpreter/FindETWProviderImage
Quickly search for references to a GUID in DLLs, EXEs, and drivers
matterpreter/cpuid
A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
matterpreter/getDA.sh
Identify common attack paths to get Domain Administrator
matterpreter/misc
Collection of things I've written on pentests to make life easier.
matterpreter/StandIn
StandIn is a small .NET35/45 AD post-exploitation toolkit
matterpreter/SharpStay
.NET project for installing persistence
matterpreter/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
matterpreter/Empire
Empire is a PowerShell and Python post-exploitation agent.
matterpreter/openedr
Open EDR public repository
matterpreter/unicorn
Unicorn is a simple tool for using a PowerShell downgrade attack and injecting shellcode straight into memory. Based on Matthew Graeber's PowerShell attacks and the PowerShell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
matterpreter/cpuid_for_antivm
A collection of cpuid instruction implementations for anti-VM purposes.
matterpreter/elam
A practical example of ELAM (Early Launch Anti-Malware)
matterpreter/EmPyre
A post-exploitation OS X/Linux agent written in Python 2.7
matterpreter/EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
matterpreter/ferrisetw
Basically a KrabsETW rip-off written in Rust
matterpreter/InternetCatFeeder
Raspberry Pi internet-enabled cat feeder using the PicoBorg Reverse
matterpreter/malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
matterpreter/Mythic
A collaborative, multi-platform, red teaming framework
matterpreter/Seatbelt
Seatbelt is a C# project that performs a number of security-oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
matterpreter/SharpHound
matterpreter/dnSpy
.NET debugger and assembly editor
matterpreter/PUBG-map-hack
Map hack solution for PUBG
matterpreter/Rubeus
Trying to tame the three-headed dog.
matterpreter/SharpHound3
C# Data Collector for the BloodHound Project, Version 3
matterpreter/yubikey-luks
Two factor authentication for harddisk encryption