Chisel-Strike A .NET XOR encrypted cobalt strike aggressor implementation for the chisel to utilize faster proxy and advanced socks5 capabilities. Why write this? In my experience, I found socks4/socks4a proxies quite slow in comparison...
SharpEventPersist Persistence by writing/reading shellcode from Event Log. Usage The SharpEventPersist tool takes 4 case-sensitive parameters: -file “C:\path\to\shellcode.bin” -instanceid 1337 -source Persistence -eventlog “Key Management Service”. The shellcode is converted to hex and written...
COM-Hunter COM-hunter is a COM Hijacking persistence tool written in C#. Features Finds out entry valid CLSIDs in the victim’s machine. Finds out valid CLSIDs via Task Scheduler in the victim’s machine. Finds out...
PersistBOF A tool to help automate common persistence mechanisms. Currently supports Print Monitor (SYSTEM), Time Provider (Network Service), Start folder shortcut hijacking (User), and Junction Folder (User) Technique Overview All of these techniques rely...
Stowaway Stowaway is a Multi-hop proxy tool for security researchers and pentesters Users can easily proxy their network traffic to intranet nodes (multi-layer) PS: The files under the demo folder are Stowaway’s beta version,...
PoisonApple Command-line tool to perform various persistence mechanism techniques on macOS. This tool was designed to be used by threat hunters for cyber threat emulation purposes. Changelog v0.2.3 Formatted code using black, bump license for...
pwncat Netcat with Firewall and IPS evasion, bind and reverse shell, local and remote port-forward. Motivation Ever accidentally hit Ctrl+c on your reverse shell and it was gone for good? Ever waited forever for your client...
Tor Rootkit A Python 3 standalone Windows 10 / Linux Rootkit. The networking communication get’s established over the tor network. Features Standalone executable, including python interpreter and tor The executable has a size of...
Reverse Shell Backdoor is a framework to control infected machines In this repository contains two programs. A backdoor and the user’s interface. the backdoor needs to be compiled sent to the victim and executed....
emptynest Emptynest is a plugin based C2 server framework. The goal of this project is not to replace robust tools such as Empire, Metasploit, or Cobalt Strike. Instead, the goal is to create a...
