EntropyReducer: Reduce The Entropy Of Your Payload And Obfuscate It With Serialized Linked Lists How Does It Work EntropyReducer's algorithm is determined by the BUFF_SIZE and NULL_BYTES values. The following is how EntropyReducer would organize your payload if BUFF_SIZE was...
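To make the entropy-reduction idea concrete, here is an added illustration (not EntropyReducer's own code, which additionally serializes the result as a linked list). It assumes hypothetical values BUFF_SIZE = 4 and NULL_BYTES = 2, interleaves NULL_BYTES null bytes after every BUFF_SIZE payload bytes, shows the drop in Shannon entropy that scanners keyed on high-entropy blobs would observe, and reverses the transform at load time. The payload is a constructed 256-byte sample with maximal (8.0 bits/byte) entropy.

```python
import math
from collections import Counter

BUFF_SIZE = 4    # hypothetical: payload bytes per chunk
NULL_BYTES = 2   # hypothetical: null bytes appended after each chunk

# Constructed sample payload: every byte value once, i.e. 8.0 bits/byte entropy,
# the kind of value a packed or encrypted payload exhibits.
PAYLOAD = bytes(range(256))


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (0.0 .. 8.0), the metric scanners threshold on."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def reduce_entropy(payload: bytes, buff_size: int = BUFF_SIZE,
                   null_bytes: int = NULL_BYTES) -> bytes:
    """Interleave null padding: after every buff_size payload bytes, append null_bytes zeros.

    The final chunk may be shorter than buff_size; it still gets its null run,
    so the caller must record the original length to restore the payload."""
    out = bytearray()
    for i in range(0, len(payload), buff_size):
        out += payload[i:i + buff_size]
        out += b"\x00" * null_bytes
    return bytes(out)


def restore_payload(blob: bytes, original_len: int, buff_size: int = BUFF_SIZE,
                    null_bytes: int = NULL_BYTES) -> bytes:
    """Undo reduce_entropy: walk in strides of buff_size + null_bytes, keep the
    first buff_size bytes of each stride, then trim to the recorded length."""
    stride = buff_size + null_bytes
    out = bytearray()
    for i in range(0, len(blob), stride):
        out += blob[i:i + buff_size]
    return bytes(out[:original_len])


def demo() -> dict:
    """Return the before/after entropies and whether the round trip is lossless."""
    reduced = reduce_entropy(PAYLOAD)
    return {
        "before": shannon_entropy(PAYLOAD),
        "after": shannon_entropy(reduced),
        "size_before": len(PAYLOAD),
        "size_after": len(reduced),
        "roundtrip_ok": restore_payload(reduced, len(PAYLOAD)) == PAYLOAD,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The cost of the technique is visible in the numbers: the blob grows by NULL_BYTES/BUFF_SIZE (50% with these values), and the entropy only drops because the null bytes dominate the byte histogram, so a detector that strips or ignores null runs before measuring entropy is unaffected.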
rebindMultiA rebindMultiA is a tool to perform a Multiple A Record rebind attack. rebindmultia.com is a domain that I’ve set up to assist with these attacks. It makes every IP its own...
SCCMHunter SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain. The basic function of the tool is to query...
Platbox UEFI and SMM Assessment Tool Features Platbox is a tool that helps assess the security of the platform: Dumps the platform registers that are interesting security-wise Flash Locks MMIO...
Acheron Acheron is a library inspired by SysWhisper3/FreshyCalls/RecycledGate, with most of the functionality implemented in Go assembly. The acheron package can be used to add indirect syscall capabilities to your Golang tradecraft,...
Hades Hades is a proof-of-concept loader that combines several evasion techniques with the aim of bypassing the defensive mechanisms commonly used by modern AV/EDRs. Install The easiest way is probably...
bootlicker bootlicker is a legacy, extensible UEFI firmware rootkit targeting VMware hypervisor virtual machines. It is designed to achieve initial code execution within the context of the Windows kernel, regardless...
Azure-AccessPermissions Easy-to-use PowerShell script to enumerate access permissions in an Azure Active Directory environment. Background details can be found in the accompanying blog posts: Untangling Azure Active Directory...
Nidhogg Nidhogg is a multi-functional rootkit for red teams. The goal of Nidhogg is to provide an all-in-one and easy-to-use rootkit with multiple helpful functionalities for red team engagements that...
graphcat A simple script to generate graphs and charts from a hashcat (and john) potfile and an NTDS dump. Install git clone https://github.com/Orange-Cyberdefense/graphcat cd graphcat pip install . Use Graphcat just needs a...
GodPotato Based on six years of Potato privilege escalation history, from the beginning of RottenPotato to the end of JuicyPotatoNG, I discovered a new technique by researching DCOM,...
Discord Voice Channel C2 aka DCVC2 This cross-platform tool was created to leverage Discord's voice channels for command and control operations. This tool operates entirely over the Real-Time Protocol...
KeePwn A Python script to help red teamers discover KeePass instances and extract secrets. Features & Roadmap KeePass Discovery Accept multiple target sources (IP, range, hostname, file) Automatically look for...
AtomLdr: A DLL loader with evasive features Features: CRT-library independent. The final DLL file can run the payload by loading the DLL (executing its entry point), or by executing...
Kubestroyer Kubestroyer aims to exploit Kubernetes cluster misconfigurations and be the Swiss Army knife of your Kubernetes pentests. Kubestroyer is a Golang exploitation tool that aims to take advantage of Kubernetes...