Pinned Repositories
BOFMask
DInvokeProcessHollowing
DriverBlock
Haskell-Reverse-Shell
hiding-your-syscalls
Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction within NTDLL.
hook-integrity-checks
SharpBuster
SharpBuster is a C# implementation of a directory brute forcing tool. It's designed to be used via Cobalt Strike's execute-assembly and similar tools, when running a similar tool over a SOCKS proxy is not feasible.
SharpRDPThief
A C# implementation of RDPThief to steal credentials from RDP.
suspendedunhook
VectoredExceptionHandling
passthehashbrowns's Repositories
passthehashbrowns/hiding-your-syscalls
Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction within NTDLL.
passthehashbrowns/SharpRDPThief
A C# implementation of RDPThief to steal credentials from RDP.
passthehashbrowns/BOFMask
passthehashbrowns/VectoredExceptionHandling
passthehashbrowns/SharpBuster
SharpBuster is a C# implementation of a directory brute forcing tool. It's designed to be used via Cobalt Strike's execute-assembly and similar tools, when running a similar tool over a SOCKS proxy is not feasible.
passthehashbrowns/suspendedunhook
passthehashbrowns/DInvokeProcessHollowing
passthehashbrowns/hook-integrity-checks
passthehashbrowns/Haskell-Reverse-Shell
passthehashbrowns/DriverBlock
passthehashbrowns/passthehashbrowns.github.io
passthehashbrowns/PrefetchMute
passthehashbrowns/execute-multiple-assemblies
passthehashbrowns/OffensiveHaskell
passthehashbrowns/XorShellcode
passthehashbrowns/Azure-Managed-Identity-REST-Examples
passthehashbrowns/MicroBurst
A collection of scripts for assessing Microsoft Azure security
passthehashbrowns/BloodHound
Six Degrees of Domain Admin
passthehashbrowns/geacon
Practice Go programming and implement CobaltStrike's Beacon in Go
passthehashbrowns/MSOLSpray
This version of MSOLSpray supports the DoubleTap tool from Porchetta Industries. MSOLSpray is a password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
passthehashbrowns/process_doppelganging
My implementation of enSilo's Process Doppelganging (PE injection technique)
passthehashbrowns/shell-backdoor-list
🎯 PHP / ASP - Shell Backdoor List 🎯
passthehashbrowns/SQLRecon
A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
passthehashbrowns/win32
Haskell support for the Win32 API