mgeeky
🔴 Red Team operator. 👾 I live & breathe Windows malware. 🛡️ Securing the world by stealing cyber criminals' operation theater and exposing it through code
Binary-Offensive.com · Poland
Pinned Repositories
cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
decode-spam-headers
A script that helps you understand why your E-Mail ended up in Spam
PackMyPayload
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
Penetration-Testing-Tools
A collection of more than 170 tools, scripts, cheatsheets and other loot that I've developed over the years for Red Teaming, pentesting and IT security audit purposes.
ProtectMyTooling
Multi-packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Features artifact watermarking, IOC collection & PE backdooring. You feed it your implant, it does a lot of sneaky things and spits out an obfuscated executable.
RedWarden
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
ShellcodeFluctuation
An advanced in-memory evasion technique that fluctuates the shellcode's memory protection between RW/NoAccess and RX, encrypting its contents while the thread is idle and decrypting them only for execution
Stracciatella
OpSec-safe PowerShell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
ThreadStackSpoofer
Thread Stack Spoofing - PoC for an advanced in-memory evasion technique that better hides injected shellcode's memory allocation from scanners and analysts.
tomcatWarDeployer
Apache Tomcat auto WAR deployment & pwning penetration testing tool.
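The ShellcodeFluctuation entry above describes a state machine rather than a single call: while the thread is idle the payload's bytes are encrypted and its page is made inaccessible, and only for the moment it runs are they decrypted and the page made executable. The following is an added example written for this page, not ShellcodeFluctuation's own code and not a Windows implementation: it reproduces the same RW/NoAccess/RX cycle on Linux with `mmap`/`mprotect` (the POSIX analogue of `VirtualAlloc`/`VirtualProtect`). The six payload bytes are a constructed stand-in (x86-64 `mov eax, 0x2a; ret`) that is never executed, and the single-byte XOR key is illustrative only; a real implementation would use a proper cipher and a per-run key. The `probe_readable` helper reads the region through a `write()` into a pipe, which fails with `EFAULT` on a `PROT_NONE` page instead of crashing, so it doubles as a model of what a naive memory scanner sees.

```c
#define _DEFAULT_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>

/* Constructed stand-in for a shellcode blob (x86-64 `mov eax, 0x2a; ret`).
 * It is never executed here; it only plays the role of bytes that must not
 * sit in memory in clear text, or in an executable page, while idle. */
static const uint8_t sample_payload[] = { 0xB8, 0x2A, 0x00, 0x00, 0x00, 0xC3 };

typedef struct {
    uint8_t *mem;       /* page-aligned anonymous mapping */
    size_t   len;       /* payload length */
    size_t   mapped;    /* mapping length, whole pages */
    uint8_t  key;       /* single-byte XOR key: illustrative only, not real crypto */
    int      hidden;    /* 1 = encrypted + PROT_NONE, 0 = clear text + RX */
} fluct_region;

static void xor_buf(uint8_t *p, size_t n, uint8_t key) {
    for (size_t i = 0; i < n; i++) p[i] ^= key;
}

/* Hide: make the page writable, encrypt in place, then drop to PROT_NONE so a
 * scanner walking the process sees neither clear-text bytes nor an RX region. */
static int fluct_hide(fluct_region *r) {
    if (r->hidden) return 0;
    if (mprotect(r->mem, r->mapped, PROT_READ | PROT_WRITE) != 0) return -1;
    xor_buf(r->mem, r->len, r->key);
    r->hidden = 1;
    return mprotect(r->mem, r->mapped, PROT_NONE);
}

/* Expose: PROT_NONE -> RW, decrypt in place, then RX: the state the payload
 * needs only for the short window in which it actually runs. */
static int fluct_expose(fluct_region *r) {
    if (!r->hidden) return 0;
    if (mprotect(r->mem, r->mapped, PROT_READ | PROT_WRITE) != 0) return -1;
    xor_buf(r->mem, r->len, r->key);
    r->hidden = 0;
    return mprotect(r->mem, r->mapped, PROT_READ | PROT_EXEC);
}

/* Map a fresh region, copy the payload in, and start in the hidden state. */
static int fluct_init(fluct_region *r, const uint8_t *payload, size_t len, uint8_t key) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    r->mapped = ((len + page - 1) / page) * page;
    r->mem = mmap(NULL, r->mapped, PROT_READ | PROT_WRITE,
                  MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (r->mem == MAP_FAILED) return -1;
    memcpy(r->mem, payload, len);
    r->len = len;
    r->key = key;
    r->hidden = 0;
    return fluct_hide(r);
}

static int fluct_destroy(fluct_region *r) {
    return munmap(r->mem, r->mapped);
}

/* Safe readability probe, and the kind of access a memory scanner performs:
 * ask the kernel to copy `len` bytes from `p` into a pipe. On a PROT_NONE
 * page the copy fails with EFAULT instead of raising SIGSEGV in our process.
 * Returns 1 if readable, 0 if not, -1 if the pipe could not be created. */
static int probe_readable(const void *p, size_t len) {
    int fds[2];
    if (pipe(fds) != 0) return -1;
    ssize_t n = write(fds[1], p, len);
    close(fds[0]);
    close(fds[1]);
    return n == (ssize_t)len;
}

/* 1 if the region is readable AND currently holds `expected` in clear text. */
static int fluct_holds_cleartext(const fluct_region *r, const uint8_t *expected, size_t len) {
    if (r->len != len || probe_readable(r->mem, len) != 1) return 0;
    return memcmp(r->mem, expected, len) == 0;
}

int main(void) {
    fluct_region r;
    if (fluct_init(&r, sample_payload, sizeof sample_payload, 0x5A) != 0) return 1;
    printf("idle:    readable=%d\n", probe_readable(r.mem, r.len));
    if (fluct_expose(&r) != 0) return 1;
    printf("running: readable=%d cleartext=%d\n", probe_readable(r.mem, r.len),
           fluct_holds_cleartext(&r, sample_payload, sizeof sample_payload));
    if (fluct_hide(&r) != 0) return 1;
    printf("idle:    readable=%d\n", probe_readable(r.mem, r.len));
    return fluct_destroy(&r);
}
```

The point of the cycle is the window: between `fluct_hide` and `fluct_expose` there is no readable, let alone executable, copy of the payload for a scanner to match, and a scanner that touches the page gets a fault rather than bytes. On Windows the same shape is achieved with `VirtualProtect` toggling `PAGE_NOACCESS`/`PAGE_READWRITE`/`PAGE_EXECUTE_READ`, with the additional complication that the running thread's own return address lives inside the region being hidden, which is what the real project has to handle and this example does not.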
mgeeky's Repositories
mgeeky/dirbuster
wfuzz, SecLists and john-based dirbusting / forceful browsing script intended to be used during web pentest assignments
mgeeky/ntfs-journal-viewer
Utterly simple NTFS Journal dumping utility. Handy when it comes to Computer Forensics and Malware Forensics Ops.
mgeeky/LISET
Light System Examination Toolkit (LISET) - a logs, activity and configuration gathering utility that comes in handy in fast Windows incident response (either forensic or malware oriented).
mgeeky/RPISEC-MBE-Solutions
Solutions to the RPISEC MBE / Modern Binary Exploitation VM & course.
mgeeky/prc_xchk
User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
mgeeky/wifi-arsenal
WiFi arsenal
mgeeky/injectAllTheThings
Seven different DLL injection techniques in one single project.
mgeeky/SharpWMI
SharpWMI is a C# implementation of various WMI functionality.
mgeeky/artifacts-kit
Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.
mgeeky/beef
The Browser Exploitation Framework Project
mgeeky/stegano1
College project implementing some of the compression and image steganographic algorithms.
mgeeky/peCloakCapstone
Platform independent peCloak fork based on Capstone
mgeeky/ssf
Secure Socket Funneling - Network tool and toolkit - TCP and UDP port forwarding, SOCKS proxy, remote shell, standalone and cross platform
mgeeky/Autorize
Automatic authorization enforcement detection extension for Burp Suite, written in Jython by Barak Tawily to ease application security practitioners' work and let them run automatic authorization tests
mgeeky/DET
(extensible) Data Exfiltration Toolkit (DET)
mgeeky/linux-utils
Some linux utils I've coded and decided to share.
mgeeky/loffice
Lazy Office Analyzer
mgeeky/SharpHound
The BloodHound C# Ingestor
mgeeky/WireTap
.NET 4.0 Project to interact with video, audio and keyboard hardware.
mgeeky/ADVobfuscator
Obfuscation library based on C++11/14 and metaprogramming
mgeeky/impacket
Impacket is a collection of Python classes for working with network protocols.
mgeeky/pinjectra
Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)
mgeeky/rpivot
socks4 reverse proxy for penetration testing
mgeeky/SharpStay
.NET project for installing Persistence
mgeeky/Symulacja-Reaktora-Jadrowego
(Polish only) A program prepared for university as part of the "Computer Simulations" course. It presents the hypothetical operation of a nuclear reactor in various states and configurations.
mgeeky/CVE-2019-0708
CVE-2019-0708 exploit
mgeeky/enumerate-iam
Enumerate the permissions associated with AWS credential set
mgeeky/MojePrzepisy
mgeeky/StayKit
Cobalt Strike kit for Persistence
mgeeky/WebDAV
Set Up WebDAV Server for Remote File Sharing and more