RedditC2: Abusing Reddit API to host the C2 traffic
RedditC2 Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, might be a great way to make the traffic look legit. Workflow Teamserver...
SilentMoonwalk SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to remove the original caller from the call stack, using ROP to desynchronize unwinding...
hackebds In the process of penetration and vulnerability mining of embedded devices, many problems have been encountered. One is that some devices do not have telnetd or ssh services to...
Alcatraz Alcatraz is an x64 binary obfuscator that is able to obfuscate various PE files, including: .exe .dll .sys Features In the following showcase, all features (besides the one...
sh4d0wup Have you ever wondered if the update you downloaded is the same one everybody else gets or did you get a different one that was made just for you? Shadow...
ulexecve This Python tool is called ulexecve and it stands for userland execve. It helps you execute arbitrary ELF binaries on Linux systems from userland without ever calling the execve() system call. In other...
Exploitation / Maintaining Access / Post Exploitation
by do son · Published January 17, 2023 · Last modified January 18, 2023
Striker C2 Striker is a simple Command and Control (C2) program. Features A) Agents Native agents for Linux and Windows hosts. Self-contained, minimal Python agent should you ever need it. HTTP(s) channels. Asynchronous...
Spartacus DLL Hijacking Spartacus is utilising the SysInternals Process Monitor and is parsing raw PML log files. You can leave ProcMon running for hours and discover 2nd and 3rd level (i.e. an...
geacon_pro geacon_pro is an anti-virus-bypassing CobaltStrike Beacon written in Golang, based on the geacon project. geacon_pro supports CobaltStrike version 4.1+. geacon_pro has implemented most functions of Beacon. The core of...
Powershell obfuscation A simple and effective PowerShell obfuscation tool that bypasses Anti-Virus and VT. AMSI-bypass obfuscation + ETW-block obfuscation + PowerShell command obfuscation. The tool with the best anti-obfuscation effect at present...
BrokenFlow A simple PoC to invoke an encrypted shellcode by using a hidden call. Introduction This code uses a simple trick to hide the instruction that effectively will jump to our...
Freeze Freeze is a payload creation tool used for circumventing EDR security controls to execute shellcode in a stealthy manner. Freeze utilizes multiple techniques to not only remove Userland EDR...
RustChain This tool is a simple PoC of how to hide memory artifacts using a ROP chain in combination with hardware breakpoints. The ROP chain will change the main module...
ADFSRelay This repository includes two utilities NTLMParse and ADFSRelay. NTLMParse is a utility for decoding base64-encoded NTLM messages and printing information about the underlying properties and fields within the message....
What is it? Pyramid is a set of Python scripts and module dependencies that can be used to evade EDRs. The main purpose of the tool is to perform offensive...