theomilan3 Goto Github PK

sharpbeacon111111

CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon，其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能

sharpdecryptpwd

对密码已保存在 Windwos 系统上的部分程序进行解析,包括：Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品（Xshell,Xftp)。源码：https://github.com/RowTeam/SharpDecryptPwd

sharpdecryptpwd1111

SharpDecryptPwd source, To Decrypt Navicat,Xmanager,Filezilla,Foxmail,WinSCP,etc

sharpefspotato

Local privilege escalation from SeImpersonatePrivilege using EfsRpc.

sharpgpoabuse

SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.

sharpsccm

A C# utility for interacting with SCCM

sharpsystemtriggers

Collection of remote authentication triggers in C#

sharpterminator

Terminate AV/EDR Processes using kernel driver

shellghost

A memory-based evasion technique which makes shellcode invisible from process start to end.

sigma-detection-rules

Set of SIGMA rules (>320) mapped to MITRE Att@k tactic and techniques

sigma-rules

Rules generated from our investigations.

sigmapotato

SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection support.

silentmoonwalk

PoC Implementation of a fully dynamic call stack spoofer

skills

sleepmask-vs

A simple Sleepmask BOF example

sourcepoint

SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

spoolfool

Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)

spoolsample

PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.

spray

A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)

sweetdreams

Implementation of Advanced Module Stomping and Heap/Stack Encryption

sweetpotato

Modifying SweetPotato to support load shellcode and webshell

terminator

Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes

terraform-provider-ec

Terraform provider for the Elasticsearch Service and Elastic Cloud Enterprise

testfx

MSTest framework and adapter

tgtdelegation

tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"

the-hacker-recipes

This project is aimed at freely providing technical guides on various hacking topics: Active Directory services, web services, servers, intelligence gathering, physical intrusion, phishing, mobile apps, iot, social engineering, etc.

threadstackspoofer

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

threat-hunting-and-detection

Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).

threathunting

An informational repo about hunting for adversaries in your IT environment.

uac-bof-bonanza

Collection of UAC Bypass Techniques Weaponized as BOFs