nc9001
Follow
Lists (6)
Stars
x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks
Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
Windows Privilege Escalation from User to Domain Admin.
Avalonia-based .NET Decompiler (port of ILSpy)
A PowerShell console in C/C++ with all the security features disabled
Files for http://blog.deniable.org/posts/windows-callbacks/
Deserialization payload generator for a variety of .NET formatters
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
xforcered / BokuLoader
Forked from boku7/BokuLoaderA proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
xforcered / CredBandit
Forked from anthemtotheego/CredBanditProof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that back through your already existing Beacon communication channel
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
Original C Implementation of the Hell's Gate VX Technique
Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.
Collection of malware source code for a variety of platforms in an array of different programming languages.
This program is designed to demonstrate various process injection techniques
USB Army Knife – the ultimate close access tool for penetration testers and red teamers.
Samples for the book Windows Kernel Programming, 2nd edition
wappalyzer alternative based on wappalyzer browser extension
rasta-mouse / ThreatCheck
Forked from matterpreter/DefenderCheckIdentifies the bytes that Microsoft Defender / AMSI Consumer flags on.
Convert Cobalt Strike profiles to modrewrite scripts
A few starter examples of ansible playbooks, to show features and how they work together. See http://galaxy.ansible.com for example roles from the Ansible community for deploying many popular appli…