Kerbeus-BOF Beacon Object Files for Kerberos abuse. This is an implementation of some important features of the Rubeus project, written in C. The project features integration with the C2 frameworks Cobalt Strike and Havoc. Download git clone https://github.com/RalfHacker/Kerbeus-BOF.git Use...
V’ger V’ger is an interactive command-line application for post-exploitation of authenticated Jupyter instances with a focus on AI/ML security operations. User Stories As a Red Teamer, you’ve found Jupyter credentials, but don’t know what you...
AI Exploits The AI world has a security problem and it’s not just in the inputs given to LLMs such as ChatGPT. Based on research done by Protect AI and independent security experts on the Huntr Bug...
EDRaser EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual. Automated Mode In automated...
Deepfake Offensive Toolkit dot (aka Deepfake Offensive Toolkit) makes real-time, controllable deepfakes ready for virtual camera injection. dot is created for performing penetration testing against e.g. identity verification and video conferencing systems, for the use by...
Ghost Scheduled Task While using scheduled tasks as a means of persistence is not a novel approach, threat actors have employed various techniques to conceal their malicious tasks. A notable method involves removing the SD...
Stifle Nearly a year ago, Jonas Knudsen (@Jonas_B_K) over at SpecterOps published a blog titled “ADCS ESC14 Abuse Technique”, covering a previously known technique for leveraging Active Directory Certificate Services (ADCS) for multiple types...
OdinLdr Cobaltstrike UDRL for beacon and post-ex tools. Use NtApi call with synthetic stackframe to confuse EDR based on stackframe detection. Beacon Use BeaconUserData structure to give memory information to beacon and allocate memory...
pcfg_cracker This project uses machine learning to identify password creation habits of users. A PCFG model is generated by training on a list of disclosed plaintext/cracked passwords. In the context of this project, the...
Invoke-ADEnum Active Directory Enumeration Invoke-ADEnum is an Active Directory enumeration tool designed to automate the process of gathering information from an Active Directory environment, leveraging the capabilities of PowerView. With Invoke-ADEnum, you can quickly...
AutoPentest-DRL is an automated penetration testing framework based on Deep Reinforcement Learning (DRL) techniques. The framework determines the most appropriate attack path for a given network and can be used to execute a simulated...
VIPER is a powerful and flexible red team platform. It integrates the core tools and functionalities required for adversary simulation and red team operations, assisting you in efficiently completing cybersecurity assessment tasks. User-Friendly Interface Provides...
DarkWidow This is a Dropper/Post Exploitation Tool (or can be used in both situations) targeting Windows. Capabilities: Indirect Dynamic Syscall. (MITRE ATT&CK TTP: T1106) SSN + Syscall address sorting via Modified TartarusGate approach Remote Process...
APEX – Azure Post Exploitation Framework An attempt to ease up post ex tasks once we have access to some sort of credentials to an Azure related account. To be honest it is nothing...
Weaponized EvilnoVNC: scalable and semi-automated MFA-Phishing via “browser-in-the-middle” Features concurrent EvilnoVNC instances, as many as your server can handle access to EvilnoVNC sessions is limited to generated URLs with random victim-specific identifier in parameter auto block...
C2 Cloud The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the...
