nmbshiva's Stars
infosecn1nja/AD-Attack-Defense
Attack and defend Active Directory using modern post-exploitation adversary tradecraft activity
fancycode/MemoryModule
Library to load a DLL from memory.
stephenfewer/ReflectiveDLLInjection
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
p0dalirius/Coercer
A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
fin3ss3g0d/evilgophish
evilginx3 + gophish
jthuraisamy/SysWhispers2
AV/EDR evasion via direct system calls.
wavestone-cdt/EDRSandblast
Flangvik/TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
tevora-threat/SharpView
C# implementation of harmj0y's PowerView
mgeeky/PackMyPayload
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
antonioCoco/JuicyPotatoNG
Another Windows Local Privilege Escalation from Service Account to System
Idov31/Sandman
Sandman is an NTP-based backdoor for red team engagements in hardened networks.
Group3r/Group3r
Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.
Dewera/Lunar
A lightweight native DLL mapping library that supports mapping directly from memory
akamai/akamai-security-research
This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.
testanull/ProxyNotShell-PoC
ConsciousHacker/WFH
Octoberfest7/XLL_Phishing
XLL Phishing Tradecraft
fin3ss3g0d/cypherhound
Python3 terminal application that contains 405 Neo4j cyphers for BloodHound data sets and 388 GUI cyphers
hAPI-hacker/Hacking-APIs
Tw1sm/RITM
Roast in the Middle
tyranid/blackhat-usa-2022-demos
Demos for the Blackhat USA 2022 talk "Taking Kerberos to the Next Level"
voidz0r/CVE-2022-44268
A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read
ustayready/golddigger
fortra/CreateProcess
A small PoC that creates processes in Windows
SpikySabra/Kernel-Cactus
It's pointy and it hurts!
dsnezhkov/TruffleSnout
Iterative AD discovery toolkit for offensive operations
plackyhacker/AMSI-Bypass
Another AMSI bypass - but in C++.
snovvcrash/CrackMapExec
A Swiss Army knife for pentesting networks
claissg/remote_amsi_bypass
Kill AMSI in a remote process PoC