PloitKit: The Hacker’s ToolBox
PloitKit is a Python-based GUI tool designed as a one-stop for all other software. I was facing these kinds of problems when I needed to switch to a different system, or...
Exploitation / Forensics / Information Gathering / Network PenTest / Reverse Engineering / Sniffing & Spoofing / Vulnerability Analysis / Web Information Gathering / Web Vulnerability Analysis / WebApp PenTest / Wireless
by do son · Published April 25, 2018
What’s OSUETA? Osueta is a simple Python2 script to exploit the OpenSSH User Enumeration Timing Attack, present in OpenSSH versions <= 7.2 and >= 5.*. The script has the...
Windows Privilege Escalation Windows Privilege Escalation Techniques and Scripts CopyAndPasteFileDownloader.bat Windows file transfer script that can be pasted to the command line. File transfers to a Windows machine can be...
sRDI – Shellcode Reflective DLL Injection sRDI allows for the conversion of DLL files to position independent shellcode. Functionality is accomplished via two components: C project which compiles a PE...
Blackbone Windows memory hacking library Features x86 and x64 support Process interaction Manage PEB32/PEB64 Manage process through WOW64 barrier Process Memory Allocate and free virtual memory Change memory protection Read/Write...
gscript Genesis Scripting Engine Genesis Scripting (gscript for short) is a technology I’ve developed to enable more intelligent malware stagers. Typically, stagers are pretty dumb. Most stagers are unique to...
Exploitation / Network PenTest / Post Exploitation
by do son · Published March 25, 2018 · Last modified October 25, 2022
Invoke-DOSfuscation v1.0 Invoke-DOSfuscation is a PowerShell v2.0+ compatible cmd.exe command obfuscation framework. Over the past several years as an Incident Response consultant, I have witnessed a myriad of obfuscation and...
puzzCode(Puzzle Code) puzzCode is a simple compiler based on mingw, written in C# to build windows applications in such a way that they can’t be analyzed by standard analysis tools...
Exploitation / Information Gathering / Network PenTest / Post Exploitation
by do son · Published March 21, 2018
Red Team Scripts Red Team Scripts is a collection of red teaming related tools, scripts, techniques, and notes developed or discovered over time during engagements. Related tool release blog posts...
Exploitation / Network PenTest / Web Exploitation / WebApp PenTest
by do son · Published March 20, 2018
msf-autopwn Performs or reads a Nmap scan then automatically exploits machines that contain some of the most common vulnerabilities. Installation This install is only tested on Kali. Clone into the...
Sticky-Keys-Slayer Scans for accessibility tools backdoors via RDP stickyKeysSlayer.sh Establishes a Remote Desktop session (RDP) with the specified hosts and sends keypresses to launch the accessibility tools within the Windows...
Exploitation / Information Gathering / Network PenTest / Vulnerability Analysis / Web Information Gathering / Web Vulnerability Analysis / WebApp PenTest
by do son · Published March 18, 2018
EternalView EternalView is an all in one basic information gathering tool Features: Feature Explanation Whois Information Prints the whois information of the entered web address DNS lookup Prints the DNS...
Exploitation / Maintaining Access
by do son · Published March 16, 2018 · Last modified August 29, 2019
Powershell-RAT The python-based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during the red team engagements to backdoor any Windows machines. It tracks the user...
Exploitation / Reverse Engineering
by do son · Published March 15, 2018 · Last modified October 10, 2021
PESecurity PowerShell script to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, Authenticode, Control Flow Guard, and HighEntropyVA. Download git clone https://github.com/NetSPI/PESecurity.git Usage ...
reverse-shell Easy to remember reverse shell that should work on most Unix-like systems. Detects available software on the target and runs an appropriate payload. Download git clone https://github.com/lukechilds/reverse-shell.git Usage 1. Listen...