Pinned Repositories
APTnotes
Various public documents, whitepapers and articles about APT campaigns
DoubleAgent
Zero-Day Code Injection and Persistence Technique
htaccess
A collection of useful .htaccess snippets.
injectors
There are non-obfuscated, commented versions of some of Veil-Evasion's shellcode-injection and Meterpreter payload modules.
Kautilya
Kautilya is a toolkit which provides various payloads for a Human Interface Device which helps in Penetration Testing.
Old-Powershell-payload-Excel-Delivery
Contains automatic persistence.
PowerOPS
PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"
PowerWorm
Analysis, detection, and removal of the "Power Worm" PowerShell-based malware
ps1encode
pupy
Pupy is an open-source, multi-platform Remote Administration Tool with an embedded Python interpreter. Pupy can load Python packages from memory and transparently access remote Python objects. Pupy can communicate using different transports and has a bunch of cool features & modules. On Windows, Pupy is a reflective DLL and leaves no traces on disk.
syphersec's Repositories
syphersec/PowerOPS
PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"
syphersec/pupy
Pupy is an open-source, multi-platform Remote Administration Tool with an embedded Python interpreter. Pupy can load Python packages from memory and transparently access remote Python objects. Pupy can communicate using different transports and has a bunch of cool features & modules. On Windows, Pupy is a reflective DLL and leaves no traces on disk.
syphersec/DoubleAgent
Zero-Day Code Injection and Persistence Technique
syphersec/AdAware-Powershell
A PowerShell module for using the AdAware Command Line Scanner.
syphersec/Aggressor-scripts
Aggressor scripts I've made for Cobalt Strike
syphersec/ARDT
Akamai Reflective DDoS Tool - Attack the origin host behind the Akamai Edge hosts and DDoS protection offered by Akamai services.
syphersec/fathomless
A collection of different programs that work together for red teaming.
syphersec/HookingNirvana
Recon 2015 Presentation from Alex Ionescu
syphersec/LazyWinAdmin_GUI
PowerShell Script that generates a GUI/WinForms loaded with tons of functions
syphersec/malware-2
Malware source code samples uploaded to GitHub for those who want to analyze the code.
syphersec/Mirai-Source-Code
Leaked Mirai Source Code for Research/IoC Development Purposes
syphersec/MRI-Loader
Patch to disable expiration date on GeekSquad MRI
syphersec/N8N-Workflows
syphersec/Noriben
Noriben - Portable, Simple, Malware Analysis Sandbox
syphersec/PHP-Shell-Detector
Web Shell Detector is a PHP script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shells” up to 99%.
syphersec/Powershell-7zip
This is a basic PowerShell module for interacting with the command line version of 7zip.
syphersec/Probable-Wordlists
Wordlists sorted by probability originally created for password generation and testing
syphersec/PSAppDeployToolkit
Project Homepage & Forums
syphersec/querywall
Autopilot protection for your WordPress against malicious URL requests.
syphersec/RAT-via-Telegram
Windows Remote Administration Tool via Telegram
syphersec/rebuild-pages
Rebuild pages with backlinks by importing Majestic CSV export.
syphersec/Shellcode-Via-HTA
How To Execute Shellcode via HTA
syphersec/TreeSizeHtml
A PowerShell clone of the classic TreeSize administrators tool
syphersec/trigen
Trigen is a Python script which uses different combinations of Win32 function calls in generated VBA to execute shellcode.
syphersec/TSA-Travel-Sentry-master-keys
3D reproduction of TSA Master keys
syphersec/vmulti
Virtual Multiple HID Driver (multitouch, mouse, digitizer, keyboard, joystick)
syphersec/windows-tools
Some applets courtesy of Ponderworthy folks and friends.
syphersec/WindowsMalwareSourceCode
Collection of Source Code of Various Malware Targeting the Windows Platform
syphersec/wsjUnblock
Chrome extension to bypass Wall Street Journal, New York Times, FT.com, Bloomberg paywalls
syphersec/ZeroAccess
ZeroAccess v3 toolkit