OdinLdr Cobaltstrike UDRL with memory evasion Features: Redirect all WININET calls over callstack crafting Encrypt beacon during sleep Encrypt beacon heap during sleep Self delete of loader EXECUTION OF LOADER 1 – Create heap...
Voidgate A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions,...
What is Pacu? Pacu is an open-source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within...
legba Legba is a multiprotocol credentials bruteforcer / password sprayer and enumerator built with Rust and the Tokio asynchronous runtime to achieve better performances and stability while consuming fewer resources than similar tools. Supported...
NativeDump NativeDump allows to dump the lsass process using only NTAPIs generating a Minidump file with only the streams needed to be parsed by tools like Mimikatz or Pypykatz (SystemInfo, ModuleList, and Memory64List Streams)....
SCLauncher – Basic Shellcode Tester, Debugger and PE-File Wrapper This program is designed to load 32-bit or 64-bit shellcode and allow for execution or debugging. In addition, it can produce executable PE files based...
CcmPwn ccmpwn.py – lateral movement script that leverages the CcmExec service to remotely hijack user sessions. Explanation System Center Configuration Manager (SCCM) clients make use of the CcmExec service, which initiates the execution of C:\Windows\CCM\SCNotification.exe for every...
NucleiScanner NucleiScanner is an automation tool that combines Nuclei, Subfinder, Gau, Paramspider, and httpx functionality to enhance web application security testing. It uses Subfinder to collect subdomains, Gau to collect URLs by filtering unwanted...
Entraspray Entraspray is a rewrite of MSOLSpray in Python. The main purpose of this tool remains the same: to perform password spraying against Microsoft Azure accounts while also providing detailed information about account status...
