epichoxha Goto Github PK

sharpgpo

A Red Team tool for remotely manipulating Group Policy Object(GPO), Organizational Unit(OU), GPLink and Security Filtering

sharpmapexec

sharpnamedpipepth

Pass the Hash to a named pipe for token Impersonation

sharpnopsexec

Get file less command execution for lateral movement.

sharpsecdump

.Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py

sharpstrike

A Post exploitation tool written in C# uses either CIM or WMI to query remote systems.

shellcode-injection-techniques

A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this project up as I learn, discover or develop more techniques. Some techniques are better than others at bypassing AV.

shhhloader

Syscall Shellcode Loader (Work in Progress)

sliver

Adversary Emulation Framework

sneaky_gophish

Hiding GoPhish from the boys in blue

sourcepoint

SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

spawn

Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (ACG), BlockDll, and PPID spoofing.

spoofing-gate

(Hellsgate|Halosgate|Tartarosgate)+Spoofing-Gate. Ensures that all systemcalls go through ntdll.dll

standin

StandIn is a small .NET35/45 AD post-exploitation toolkit

sudo_killer

Script written in bash to exploit sudo misconfigurations and vulnerabilities

supernova

Real fucking shellcode encryption tool

suspendedthreadinjection

Another meterpreter injection technique using C# that attempts to bypass Defender

syscallpack

BOF and Shellcode for full DLL unhooking using dynamic syscalls

syswhispers

AV/EDR evasion via direct system calls.

syswhispers3

SysWhispers on Steroids - AV/EDR evasion via direct system calls.

syswhispers3aesloader

the-hacker-recipes

This project is aimed at freely providing technical guides on various hacking topics: Active Directory services, web services, servers, intelligence gathering, physical intrusion, phishing, mobile apps, iot, social engineering, etc.

threadlessinject

Threadless Process Injection using remote function hooking.

threadstackspoofer

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

threatcheck

Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.

toolies

Ad hoc pentest stuff

tools

ultimateapplockerbypasslist

The goal of this repository is to document the most common techniques to bypass AppLocker.

update-golang

update-golang is a script to easily fetch and install new Golang releases with minimum system intrusion

vajra

Vajra is a UI-based tool with multiple techniques for attacking and enumerating in the target's Azure environment. It features an intuitive web-based user interface built with the Python Flask module for a better user experience. The primary focus of this tool is to have different attacking techniques all at one place with web UI interfaces.