ExecuteAssembly ExecuteAssembly is an alternative of CS execute-assembly, built with C/C++ and it can be used to Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR Modules/AppDomainManager, Stomping...
Geacon Using Go to implement CobaltStrike’s Beacon This project is for learning protocol analysis and reverse engineering only, if someone’s rights have been violated, please contact me to remove the...
SharpSphere – Attacking vSphere Infrastructure SharpSphere gives red teamers the ability to easily interact with the guest operating systems of virtual machines managed by vCenter. It uses the vSphere Web...
PyBeacon PyBeacon is a collection of scripts for dealing with Cobalt Strike’s encrypted traffic. It can encrypt/decrypt beacon metadata, as well as parse symmetrically encrypted taskings Scripts included There is...
Cobalt Strike Shellcode Generator Adds Shellcode – Shellcode Generator to the Cobalt Strike top menu bar CSSG is an aggressor and python script used to more easily generate and...
shellex C-shellcode to hex converter. A handy tool for paste & execute shellcodes in gdb, windbg, radare2, ollydbg, x64dbg, immunity debugger & 010 editors. Are you having problems converting C-shellcodes...
EXCELntDonut EXCELntDonut is an XLM (Excel 4.0) macro generator. Start with C# source code (EXE) and end with an XLM (Excel 4.0) macro that will execute your code in memory....
SysWhispers2 SysWhispers helps with AV/EDR evasion by generating header/ASM files implants can use to make direct system calls. All core syscalls are supported and example generated files available in the example-output/ folder....
SharpZipRunner Executes position independent shellcode from an encrypted zip Get PIC code from your assembly either by using a donut or Metasploit or cobaltstrike RAW format. zip the .bin file...
DarkFinger-C2 Windows TCPIP Finger Command / C2 Channel and Bypassing Security Software. Microsoft Windows TCPIP Finger Command “finger.exe” that ships with the OS can be used as a file downloader...
Nimplant Nimplant is a cross-platform (Linux & Windows) implant written in Nim as a fun project to learn about Nim and see what it can bring to the table for...
drow drow is a command-line utility that is used to inject code and hook the entrypoint of ELF executables (post-build). It takes unmodified ELF executables as input and exports a...
sploit Sploit is a Go package that aids in binary analysis and exploitation. The motivating factor behind the development of sploit is to be able to have a well-designed API...
ShellcodeLoader ShellcodeLoader of windows can bypass AV. Features It has many loading modes. There are 13 loading modes in 32 bits and 12 loading modes in 64 bits. Support development....
Powerglot Powerglot encodes several kinds of scripts using polyglots, for example, offensive powershell scripts. It is not needed a loader to run the payload. In red-team exercises or offensive tasks,...
Support Securityonline.info site. Thanks!
