jahawkins Goto Github PK

alternativeshellcodeexec

Alternative Shellcode Execution Via Callbacks

cloudformationproxydeploy

CloudFormation scripts to create a network in AWS with a target configured to use a web-proxy

credbandit

Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that back through your already existing Beacon communication channel

cs-situational-awareness-bof

Situational Awareness commands implemented using Beacon Object Files

empire

Empire is a PowerShell and Python post-exploitation agent.

farmer

ghostwriter

The SpecterOps project management and reporting engine

go-shellcode

A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.

hackwestc2lab

To get c2

hashview

A web front-end for password cracking and analytics

hollow

EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and execute shellcode

keethief

Methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory.

maliciousmacromsbuild

Generates Malicious Macro and Execute Powershell or Shellcode via MSBuild Application Whitelisting Bypass.

minidump

The program is designed to dump full memory of the process by specifing process name or process id.

movekit

Cobalt Strike kit for Lateral Movement

nopowershell

PowerShell rebuilt in C# for Red Teaming purposes

payloadautomation

pbr

Passive Browser Reconnaissance

pupy

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

redteamttps

remoteinjector

Inject remote template link into word document for remote template injection

remotetemplateinjectiondemo

Demo files for remote template injection of .dotm files into .docx

rubeus

Trying to tame the three-headed dog.

safe-git

A script which intercepts the git command and checks for the git command 'add'. It then checks all files in the 'add' command for specific sensitive keywords such as password, apikey, or credentials. It will then display the lines found to the user and prompt the user to see if they would want to continue. It is intended to prevent accidental commits of files containing sensitive credentials or information

screenshotbof

An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memory.

seatbelt

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

sharpapplocker

C# port of the Get-AppLockerPolicy PS cmdlet

sharpchromium

.NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins.

sharpcradle

sharpdpapi

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.