northrenghost

northrenghost's Stars

• monoxgas/sRDI

  Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode

  Language:PowerShell2.2k6226465

• vxunderground/VX-API

  Collection of various malicious functionality to aid in malware development

  Language:C++1.5k4713255

• eladshamir/Internal-Monologue

  Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS

  Language:C#1.4k570241

• Invoke-IR/PowerForensics

  PowerForensics provides an all in one platform for live disk forensic analysis

  Language:C#1.4k158126274

• klezVirus/SysWhispers3

  SysWhispers on Steroids - AV/EDR evasion via direct system calls.

  Language:Python1.3k2315172

• MichaelKoczwara/Awesome-CobaltStrike-Defence

  Defences against Cobalt Strike

  1.3k565189

• boku7/BokuLoader

  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

  Language:C1.3k2612244

• GhostPack/SharpDPAPI

  SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

  Language:C#1.2k3414213

• med0x2e/GadgetToJScript

  A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.

  Language:C#8932514161

• FuzzySecurity/StandIn

  StandIn is a small .NET35/45 AD post-exploitation toolkit

  Language:C#717166123

• ail-project/ail-framework

  AIL framework - Analysis Information Leak framework

  Language:Python6313320585

• ajpc500/BOFs

  Collection of Beacon Object Files

  Language:C558171112

• WithSecureLabs/CallStackSpoofer

  A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)

  Language:C++4496163

• Arno0x/ShellcodeWrapper

  Shellcode wrapper with encryption for multiple target languages

  Language:Python434123121

• mgeeky/ElusiveMice

  Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind

  Language:C42811373

• Cracked5pider/KaynStrike

  UDRL for CS

  Language:C41811262

• pwn1sher/frostbyte

  FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads

  Language:C#3807147

• NetSPI/DAFT

  DAFT: Database Audit Framework & Toolkit

  Language:C#1738246

• 0x6d696368/ghidra_scripts

  Ghidra scripts such as a RC4 decrypter, Yara search, stack string decoder, etc.

  Language:Python15712118

• klezVirus/NimlineWhispers3

  A tool for converting SysWhispers3 syscalls for use with Nim projects

  Language:Nim1415017

• djhohnstein/cliProxy

  Proxy Unix applications in the terminal

  Language:Go1138012

• proxb/PoshPrivilege

  Manage user privileges on a local machine or view applied privileges on local or remote system

  Language:PowerShell10614922

• nyxgeek/guestlist

  tool for identifying guest relationships between companies

  Language:Python84603

• zyn3rgy/ClickonceHunter

  Golang search engine scraper intended for identification of published ClickOnce deployments

  Language:Go69307

• nyxgeek/teamstracker

  using graph proxy to monitor teams user presence

  Language:Python52514

• Lookyloo/PlaywrightCapture

  Capture a URL with Playwright

  Language:Python30393

• kyleavery/Multi-Stage-Mythic

  Language:HCL24205

• djhohnstein/HookDetector

  Playing with PE's and Building Structures by Hand

  Language:C++22103

• leechristensen/TribesRebirth

  Language:C++510

• ASkyeye/Mangle

  Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs

  Language:Go21