mgeeky
🔴 Red Team operator. 👾 I live & breathe Windows malware. 🛡️ Securing the world by stealing cyber criminals' operation theater and exposing it through code
Binary-Offensive.com | Poland
Pinned Repositories
cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
decode-spam-headers
A script that helps you understand why your E-Mail ended up in Spam
PackMyPayload
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
Penetration-Testing-Tools
A collection of 170+ tools, scripts, cheatsheets and other loot that I've developed over the years for Red Teaming/Pentesting/IT Security audit purposes.
ProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Features artifact watermarking, IOC collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out an obfuscated executable.
RedWarden
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
ShellcodeFluctuation
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
Stracciatella
OpSec-safe PowerShell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
ThreadStackSpoofer
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique that better hides injected shellcode's memory allocation from scanners and analysts.
tomcatWarDeployer
Apache Tomcat auto WAR deployment & pwning penetration testing tool.
mgeeky's Repositories
mgeeky/PEInfo
Another Portable Executable file analysis tool
mgeeky/DISASM
Simple disassembling library (currently only x86)
mgeeky/saruman
ELF anti-forensics exec, for injecting full dynamic executables into a process image (with thread injection)