Pinned Repositories
Aggressor-Scripts
Aggregation of Cobalt Strike's aggressor scripts.
CovenantTasks
Source for tasks I have used with Covenant
GetSystem
This is a C# implementation of making a process/executable run as NT AUTHORITY/SYSTEM. This is achieved through parent ID spoofing of almost any SYSTEM process.
OfficeMacro64
This is a 64 bit VBA implementation of Christophe Tafani-Dereeper's original VBA code described in his blog @ https://blog.christophetd.fr/building-an-office-macro-to-spoof-process-parent-and-command-line/
poc
Proof of Concepts
PSEmp
C Sharp implementation of PowerShell Empire stage 1 (HTTPS) - Original work by Julio Ureña
retisRansomwareDecryptor
This is a tool for decrypting files encrypted by the Retis ransomware ".crypted"
SharpTools
Public tools already compiled in C#
py7hagoras's Repositories
py7hagoras/CovenantTasks
Source for tasks I have used with Covenant
py7hagoras/GetSystem
This is a C# implementation of making a process/executable run as NT AUTHORITY/SYSTEM. This is achieved through parent ID spoofing of almost any SYSTEM process.
py7hagoras/OfficeMacro64
This is a 64 bit VBA implementation of Christophe Tafani-Dereeper's original VBA code described in his blog @ https://blog.christophetd.fr/building-an-office-macro-to-spoof-process-parent-and-command-line/
py7hagoras/PSEmp
C Sharp implementation of PowerShell Empire stage 1 (HTTPS) - Original work by Julio Ureña
py7hagoras/retisRansomwareDecryptor
This is a tool for decrypting files encrypted by the Retis ransomware ".crypted"
py7hagoras/poc
Proof of Concepts
py7hagoras/SharpTools
Public tools already compiled in C#
py7hagoras/Aggressor-Scripts
Aggregation of Cobalt Strike's aggressor scripts.
py7hagoras/appsectraining
AppSec Training
py7hagoras/blacktech
BlackTech class for Security
py7hagoras/C_Shot
py7hagoras/Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
py7hagoras/csharp
Various C# projects for offensive security
py7hagoras/defcon27_csharp_workshop
Writing custom backdoor payloads with C# - Defcon 27
py7hagoras/DVWA
Damn Vulnerable Web Application (DVWA)
py7hagoras/exploits
py7hagoras/injection
Windows process injection methods
py7hagoras/krsvc
py7hagoras/nopowershell
PowerShell rebuilt in C# for Red Teaming purposes
py7hagoras/pentest-scripts
Some scripts encountered while pentesting
py7hagoras/plaintext
py7hagoras/ppid-spoofing
Scripts for performing and detecting parent PID spoofing
py7hagoras/Rubeus
Trying to tame the three-headed dog.
py7hagoras/SCShell
Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
py7hagoras/Sharp-Suite
My musings with C#
py7hagoras/Sharp-WMIExec
py7hagoras/SharpSpray
SharpSpray a simple code set to perform a password spraying attack against all users of a domain using LDAP and is compatible with Cobalt Strike.
py7hagoras/SharpWeb
.NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.
py7hagoras/spoofing-office-macro
:fish: PoC of a VBA macro spawning a process with a spoofed parent and command line.
py7hagoras/VBA-RunPE
A VBA implementation of the RunPE technique or how to bypass application whitelisting.