Category: Ethical Hacking
EmbedPayloadInPng Embed a payload within a PNG file by splitting the payload across multiple IDAT sections. Each section is encrypted individually using its own 16-byte key with the RC4 encryption algorithm. Implementation This repository consists...
Penelope Penelope is a shell handler designed to be easy to use and intended to replace netcat when exploiting RCE vulnerabilities. It is compatible with Linux and macOS and requires Python 3.6 or higher....
gost – GO Simple Tunnel. Features: listening on multiple ports; multi-level forward proxies (proxy chain); standard HTTP/HTTPS/HTTP2/SOCKS4(A)/SOCKS5 proxy protocol support; probing resistance support for web proxy; TLS encryption via negotiation support for SOCKS5...
Secure Stager This project demonstrates an x64 position-independent stager that verifies the stage it downloads prior to executing it. This offers a safeguard against man-in-the-middle attacks for those who are concerned about such things....
Ghost Ghost is a shellcode loader project designed to bypass multiple detection capabilities that are usually implemented by an EDR. Detection 1 – kernel callbacks: kernel callbacks are implemented by an EDR to harness...
Empire Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. The Empire server is written in Python 3 and is modular to allow operator flexibility....
VOIDMAW This is a new bypass technique for memory scanners. It is useful in hiding problematic code that will be flagged by the antivirus vendors. This is basically an improved version of Voidgate, but without...
Maestro Maestro is a post-exploitation tool designed to interact with Intune/EntraID from a C2 agent on a user’s workstation without requiring knowledge of the user’s password or Azure authentication flows, token manipulation, and web-based...
emp3r0r Linux/Windows post-exploitation framework made by a Linux user. Features: beautiful terminal UI, using tmux for window management; multi-tasking, so you don’t need to wait for any command to finish; basic API provided through a Unix socket...
pwnlook Pwnlook is an offensive post-exploitation tool that will give you complete control over the Outlook desktop application and therefore over the emails configured in it. What it does: list mailboxes, list folders...
Pandora This is a red team tool that assists in gathering credentials from different password managers. They are separated into three categories: Windows 10 desktop applications, browsers, and browser plugins. This may work on...
RustiveDump RustiveDump is a Rust-based tool designed to dump the memory of the lsass.exe process using only NT system calls. It creates a minimal minidump file from scratch, containing essential components like SystemInfo, ModuleList, and Memory64List, with support for XOR encryption and remote transmission....
KnowsMore KnowsMore is a Swiss army knife tool for pentesting Microsoft Active Directory (NTLM hashes, BloodHound, NTDS, and DCSync). Main features: import NTLM hashes from a .ntds output txt file (generated by CrackMapExec or secretsdump.py)...
Overview This is a tool used to exploit CRED-1 over a SOCKS5 connection (with UDP support). How the CRED-1 attack works: CRED-1 can be broken down into the following steps: send a DHCP request for...
Starkiller Starkiller is a frontend for PowerShell Empire. It is an Electron application written in VueJS: a multi-user GUI application for interfacing with the Empire C2 server from any computer. Starkiller represents a huge step forward...
IllusiveFog IllusiveFog is an implant kit for Microsoft Windows-based networks for long-term stealthy access and recon. IllusiveFog is designed for highly covert and stealthy operations; for this reason, features are kept limited and...