Ghost Scheduled Task While using scheduled tasks as a means of persistence is not a novel approach, threat actors have employed various techniques to conceal their malicious tasks. A notable...
Nemesis Nemesis is an offensive data enrichment pipeline and operator support system. Built on Kubernetes with scale in mind, our goal with Nemesis was to create a centralized data processing...
CuddlePhish Weaponized multi-user browser-in-the-middle (BitM) for penetration testers. This attack can be used to bypass multi-factor authentication on many high-value web applications. It even works for applications that do not...
Ingram This is a webcam device vulnerability scanning tool that already supports Hikvision, Dahua, and other devices. Installation Firstly, clone this repo: git clone https://github.com/jorhelp/Ingram.git Then, go to the repo...
SecScanC2 SecScanC2 can manage assessment to create a P2P network for security scanning & C2. The tool can assist security researchers in conducting penetration testing more efficiently, preventing scanning from...
Shellz A script for generating common reverse shells fast and easy. Especially nice when in need of PowerShell and Python reverse shells, which can be a PITA getting correctly formatted....
NetExec – The Network Execution Tool This project was initially created in 2015 by @byt3bl33d3r, known as CrackMapExec. In 2019 @mpgn_x64 started maintaining the project for the next 4 years,...
LolDriverScan LolDriverScan is a Go tool that allows users to discover vulnerable drivers on their system. This tool fetches the loldrivers.io list from their API and scans the system for any vulnerable...
HeaderLessPE HeaderLessPE is a memory PE loading technique used by the Icedid Trojan. Based on this technology, we propose a new way of file-less attack using HVNC. This enhancement allows...
OSINTBuddy Welcome to the OSINTBuddy project where you can connect, combine, and get insights from unstructured and public data as results that can be explored step-by-step. An easy-to-use plugin system...
ADMiner ADMiner is an Active Directory audit tool that leverages cypher queries to crunch data from the BloodHound graph database (neo4j) and gives you a global overview of existing weaknesses through a...
GPOddity The GPOddity project aims to automate GPO attack vectors through NTLM relaying (and more). For more details regarding the attack and a demonstration of how to use the tool,...
DavRelayUp A quick and dirty port of KrbRelayUp with modifications to allow for NTLM relay from webdav to LDAP in order to streamline the abuse of the following attack primitive: (Optional) New...
ContainYourself A PoC of the ContainYourself research, presented at DEF CON 31. This tool abuses the Windows containers framework to bypass EDR file-system-based malware protection, file write restrictions, and ETW-based correlations. This...
RedPersist RedPersist is a Windows persistence tool written in C#. Usage: you can use it with execute-assembly or as a standalone executable: RedPersist.exe --method C:\Path\to\executable.exe; RedPersist.exe --help. Available methods: --help/-h : Help Menu...