Pinned Repositories
aggrokatz
Aggrokatz is an aggressor plugin extension for Cobalt Strike which enables pypykatz to interface with the beacons remotely and allows it to parse LSASS dump files and registry hive files to extract credentials and other secrets stored without downloading the file and without uploading any suspicious code to the beacon.
aspia
Remote desktop and file transfer tool.
awesome-edr-bypass
Awesome EDR Bypass Resources For Ethical Hacking
DripLoader
Evasive shellcode loader for bypassing event-based injection detection (PoC)
FuckThatPacker
A simple python packer to easily bypass Windows Defender
GoReSym
Go symbol recovery tool
malleable-c2-PROFILE_TUTORIAL-
Cobalt Strike Malleable C2 Design and Reference Guide
MalwareApiLibrary
collection of apis used in malware development
raitomx's Repositories
raitomx/AMSITrigger
The Hunt for Malicious Strings
raitomx/TamperingSyscalls
raitomx/peekaboo
Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
raitomx/KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default setting).
raitomx/TicTaaC
Easy-to-use Threat-Modeling-as-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-free and secure: no external dependencies are used except for chart plotting.
raitomx/MalwareApiLibrary
collection of apis used in malware development
raitomx/dash-holoniq-wordcloud
This project is a Plotly/Dash wrapper for the highly configurable wordcloud library.
raitomx/ransomware-sources
Well, I created this shit for educational purposes (I think).
raitomx/streamlit_metric_dashboard
Streamlit Metric Analytics Dashboard
raitomx/Slient-Doc-Pdf-Exploit-Builder-Fud-Malware-Cve
Vulnerability Disclosure Timeline. Closer inspection of the Exploit PDF content reveals the malicious link as well as the URL of the Download-and-Execute tool used to generate the Exploit PDF from encrypted Python code, which we also implement in a couple of our builders.
raitomx/Amsi-Bypass-Powershell
This repo contains some AMSI bypass methods I found on different blog posts.
raitomx/Mangle
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
raitomx/antnium
raitomx/jupyter-collection
Collection of Jupyter Notebooks by @fr0gger_
raitomx/2022-06-05-malware-av-evasion-7
Malware AV evasion via disabling Windows Defender (registry). C++
raitomx/Ninja
Open source C2 server created for stealth red team operations
raitomx/WinPwn
Automation for internal Windows penetration tests / AD security
raitomx/GoReSym
Go symbol recovery tool
raitomx/attack_data
A repository of curated datasets from various attacks
raitomx/AlanFramework
A C2 post-exploitation framework
raitomx/MrKaplan
MrKaplan is a tool aimed at helping red teamers stay hidden by clearing evidence of execution.
raitomx/awesome-intelligence-writing
Awesome collection of great and useful resources concerning intelligence writing such as manuals/guides, standards, books, and articles
raitomx/thiri-notebook
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
raitomx/DevSecOps-Playbook
This is a step-by-step guide to implementing a DevSecOps program for any size organization
raitomx/obfuscar
Open source obfuscation tool for .NET assemblies
raitomx/tetanus
Mythic C2 agent targeting Linux and Windows hosts written in Rust
raitomx/AmsiScanBufferBypass
Bypass AMSI by patching AmsiScanBuffer
raitomx/887Rat
887+1 Rat, fully cracked with all 3 working builders
raitomx/2022-04-02-malware-injection-18
Find kernel32 base and API addresses. Simple C++ implementation
raitomx/EDR-Test
Automating EDR testing with reference to MITRE ATT&CK via Cobalt Strike [Purple Team].