Pinned Repositories
AMSIScanBufBypass
Memory Patching AMSIScanBuffer
CS-BOFs
Collection of CobaltStrike beacon object files
fltmc
Cooked fltMC
frostbyte
FrostByte is a POC project that combines different defense evasion techniques to build better red team payloads
KillDefender
A small POC to make defender useless by removing its token privileges and lowering the token integrity
pwn1sher
RTImplant
Just another casual shellcode native loader
uuid-loader
UUID-based Shellcode loader for your favorite C2
WMEye
WMEye is a post-exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement
pwn1sher's Repositories
pwn1sher/KillDefender
A small POC to make defender useless by removing its token privileges and lowering the token integrity
pwn1sher/frostbyte
FrostByte is a POC project that combines different defense evasion techniques to build better red team payloads
pwn1sher/WMEye
WMEye is a post-exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement
pwn1sher/CS-BOFs
Collection of CobaltStrike beacon object files
pwn1sher/uuid-loader
UUID-based Shellcode loader for your favorite C2
pwn1sher/RTImplant
Just another casual shellcode native loader
pwn1sher/AMSIScanBufBypass
Memory Patching AMSIScanBuffer
pwn1sher/fltmc
Cooked fltMC
pwn1sher/pwn1sher
pwn1sher/unix_internals
Things I write to learn unix better
pwn1sher/CertShooter
Extracting Subdomains from CertSpotter API
pwn1sher/nosequeli
Handy script for data exfiltration with NoSQL Injections
pwn1sher/CobaltStrike-POC
CobaltStrike <= 4.7.1 RCE
pwn1sher/DetectCobaltStomp
Detects Module Stomping as implemented by Cobalt Strike
pwn1sher/docker_fetch
Data extraction tool for Docker Registry API
pwn1sher/Drop-Pi
This is a collection of tools that make up what we call a "Drop-Pi", primarily used as a quick placement device during a physical/social engineering penetration test.
pwn1sher/EtherSploit-IP
Exploiting Allen-Bradley E/IP PLCs
pwn1sher/Golang-PortScanner
Portscanner for Script Kiddies :)
pwn1sher/hookchain
HookChain: A new perspective for Bypassing EDR Solutions
pwn1sher/ImmoralFiber
Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) and PhantomThread (An evolved callstack-masking implementation)
pwn1sher/jira-ssrf
CVE-2017-9506