seahop
Red Teamer. Just out here creating some simple PoCs for red teamy things. Amateur coder. No best practices here.
United States
Pinned Repositories
CPP_XOR
getPIDIntegrity
Injection
mimiRust
All credits to: github.com/ThottySploity/mimiRust (Original author deleted account so I uploaded for community use)
patchETW
Function to patch ETW with syscalls
RemoteProcDLLInject
RemoteShellcodeInjection_XOR
SyscallProcScan
Syscall process scanner
titan
Titan: A generic user defined reflective DLL for Cobalt Strike
seahop's Repositories
seahop/Adalanche
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)
seahop/Chimera
Automated DLL Sideloading Tool With EDR Evasion Capabilities
seahop/Christmas
seahop/Click-Once-App-Domain-Injection
Click Once + App Domain
seahop/Cobalt-Strike-Profiles-for-EDR-Evasion
Cobalt Strike Profiles for EDR Evasion
seahop/Cobalt-Strikescripts
Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
seahop/cookie-monster
BOF to steal browser cookies & credentials
seahop/CsWhispers
Source generator to add D/Invoke and indirect syscall methods to a C# project.
seahop/CsWin32
A source generator to add a user-defined set of Win32 P/Invoke methods and supporting types to a C# project.
seahop/EDRception
A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
seahop/espoofer
An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻
seahop/GTFONow
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
seahop/InflativeLoading
Dynamically convert a native EXE to PIC shellcode by appending a shellcode stub
seahop/InjectKit
Modified versions of the Cobalt Strike Process Injection Kit
seahop/IoDllProxyLoad
DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
seahop/KDU
Kernel Driver Utility
seahop/lolcerts
A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors
seahop/MsGraphFunzy
Script to dump emails through Microsoft Graph API
seahop/myph
shellcode loader for your evasion needs
seahop/NativeThreadpool
Worker and timer callback example using solely Native Windows APIs.
seahop/PEAs
seahop/PoolParty
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
seahop/PoolPartyBof
A beacon object file implementation of PoolParty Process Injection Technique.
seahop/SignToolEx
Patching "signtool.exe" to accept expired certificates for code-signing.
seahop/SSHniffer
seahop/SymProcSleuth
A pure C version of SymProcAddress
seahop/ThreadlessInject-C
This repository implements Threadless Injection in C
seahop/UAC-BOF-Bonanza
Collection of UAC Bypass Techniques Weaponized as BOFs
seahop/WMIProcessWatcher
A CIA tradecraft technique to asynchronously detect when a process is created using WMI.
seahop/wsgidav
A generic and extendable WebDAV server based on WSGI