mgeeky
🔴 Red Team operator. 👾 I live & breathe Windows malware. 🛡️ Securing the world by stealing cyber criminals' operation theater and exposing it through code
Binary-Offensive.com
Poland
Pinned Repositories
cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
decode-spam-headers
A script that helps you understand why your E-Mail ended up in Spam
PackMyPayload
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
Penetration-Testing-Tools
A collection of 170+ tools, scripts, cheatsheets and other loot that I've developed over the years for Red Teaming/Pentesting/IT Security audit purposes.
ProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Features artifact watermarking, IOC collection & PE backdooring. You feed it your implant, it does a lot of sneaky things and spits out an obfuscated executable.
RedWarden
Cobalt Strike C2 reverse proxy that fends off Blue Teams, AVs, EDRs and scanners through packet inspection and malleable profile correlation
ShellcodeFluctuation
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
Stracciatella
OpSec-safe PowerShell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
ThreadStackSpoofer
Thread Stack Spoofing - PoC for an advanced in-memory evasion technique that better hides injected shellcode's memory allocation from scanners and analysts.
tomcatWarDeployer
Apache Tomcat auto WAR deployment & pwning penetration testing tool.
mgeeky's Repositories
mgeeky/RobustPentestMacro
This is rich-featured Visual Basic macro code for use during penetration testing assignments, implementing various advanced post-exploitation techniques.
mgeeky/VisualBasicObfuscator
Visual Basic Code universal Obfuscator intended to be used during penetration testing assignments.
mgeeky/HEVD_Kernel_Exploit
Exploit pack for the Windows kernel-mode driver HackSysExtremeVulnerableDriver, written for educational purposes.
mgeeky/procmon-filters
SysInternals' Process Monitor filters repository - collected from various places and made up by myself. To be used for quick behavioral analysis of test specimens. Inspired by and based on Lenny Zeltser's collection.
mgeeky/PhishingPost
PHP script intended to be used during phishing campaigns as a credential collector, linked from a backdoored HTML <form> action parameter
mgeeky/burpContextAwareFuzzer
BurpSuite payload-generation extension aiming to apply fuzzed test cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) while following the encoding scheme originally applied.
mgeeky/EvilClippy
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
mgeeky/unhook-bof
Remove API hooks from a Beacon process.
mgeeky/OfficePurge
mgeeky/o365enum
Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover v1, or office.com login page.
mgeeky/proxy2
HTTP/HTTPS proxy with custom plugins loading capability.
mgeeky/Phishious
An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers.
mgeeky/C2concealer
C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.
mgeeky/AQUARMOURY
My musings in C and offensive tooling
mgeeky/AWS-RedTeam-ADLab
mgeeky/C3
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
mgeeky/SharpShooter
Payload Generation Framework
mgeeky/Bloodhound-Custom-Queries
Custom Query list for the Bloodhound GUI based off my cheatsheet
mgeeky/chlonium
The 'h' is silent
mgeeky/CobaltSplunk
Splunk Dashboard for CobaltStrike logs
mgeeky/DemoLab
A very simple lab to demo some Terraform, DSC, Inspec and Gitlab CI
mgeeky/DotNetToJScript
A tool to create a JScript file which loads a .NET v2 assembly from memory.
mgeeky/malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
mgeeky/youtube-dl
A copyright-respecting fork of youtube-dl
mgeeky/.github
mgeeky/CobaltStrike
CobaltStrike's source code
mgeeky/LACheck
mgeeky/pocs
Proof of Concepts (PE, PDF...)
mgeeky/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
mgeeky/vysecurity