Pinned Repositories
aggrokatz
Aggrokatz is an aggressor plugin extension for Cobalt Strike which enables pypykatz to interface with the beacons remotely and allows it to parse LSASS dump files and registry hive files to extract credentials and other secrets stored without downloading the file and without uploading any suspicious code to the beacon.
aspia
Remote desktop and file transfer tool.
awesome-edr-bypass
Awesome EDR Bypass Resources For Ethical Hacking
DripLoader
Evasive shellcode loader for bypassing event-based injection detection (PoC)
FuckThatPacker
A simple python packer to easily bypass Windows Defender
GoReSym
Go symbol recovery tool
malleable-c2-PROFILE_TUTORIAL-
Cobalt Strike Malleable C2 Design and Reference Guide
MalwareApiLibrary
collection of apis used in malware development
raitomx's Repositories
raitomx/Theattacker-Crypter
Tool to evade Antivirus With Different Techniques
raitomx/attack-stix-data
STIX data representing MITRE ATT&CK
raitomx/annoy-the-script-kiddie
Collection of scripts and other content to make the life of bots and script-kiddies as hard as possible
raitomx/reverse_shell_javascript
A reverse shell in JavaScript using HTTP, used to confirm blind XSS vulnerabilities and a tool for browser post-exploitation
raitomx/awesome-edr-bypass
Awesome EDR Bypass Resources For Ethical Hacking
raitomx/ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
raitomx/lsf
lsf 💾 is an exploitation framework 💻 for hackers 👨🏼‍💻 and pentesters
raitomx/EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
raitomx/Discord-DLL-Hijacking
This is a simple example of DLL hijacking enabling proxy execution.
raitomx/EVTX-to-MITRE-Attack
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases.
raitomx/powermayhem
Powershell Payload Generator In Bash !
raitomx/SharpHound4Cobalt
C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)
raitomx/pneuma
Default agent for Prelude Operator
raitomx/Fiber
Using fibers to run in-memory code in a different and stealthy way.
raitomx/Awesome_Malware_Techniques
This is a repository of resource about Malware techniques
raitomx/dash-shell-rootkit
Dash rootkit. Linux Trojan Backdoor. (MALWARE)
raitomx/Havoc
The Havoc Framework.
raitomx/BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
raitomx/DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
raitomx/top-attack-techniques
Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques.
raitomx/threat-hunting-with-notebooks
Repository with Sample threat hunting notebooks on Security Event Log Data Sources
raitomx/malleable-c2-PROFILE_TUTORIAL-
Cobalt Strike Malleable C2 Design and Reference Guide
raitomx/Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
raitomx/PersistenceSniper
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines.
raitomx/2022-09-06-malware-tricks-23
Malware dev tricks: parent PID spoofing. C++ implementation
raitomx/MustLearnKQL
Code included as part of the MustLearnKQL blog series
raitomx/blue-teaming-with-kql
Repository with Sample KQL Query examples for Threat Hunting
raitomx/Elevator
UAC Bypass by abusing RPC and debug objects.
raitomx/frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
raitomx/EDRSandblast