HackBrowserData HackBrowserData is a command-line tool for decrypting and exporting browser data (passwords, history, cookies, bookmarks, credit cards, download history, localStorage and extensions) from the browser. It supports the most popular browsers on the market...
EDR Telemetry Blocker Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination IP addresses are parsed based on the server name in the TLS Client Hello...
SUDO_KILLER SUDO_KILLER is a tool that can be used for privilege escalation on the Linux environment by abusing SUDO in several ways. The tool helps to identify misconfiguration within sudo rules, vulnerability within the...
OperatorsKit This repository contains a collection of Beacon Object Files (BOFs) that integrate with Cobalt Strike. Kit content The following tools are currently in the OperatorsKit: Name Description AddExclusion Add a new exclusion to...
TelecordC2 Telecord is an advanced cross-platform c2 using discord and Telegram API, it allows multi-agent handling with ease using Telegram and discord APIs can be good for exfiltration and network evasion, this project is...
RemoteKrbRelay Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework Details Now, you have four folders in front of you: Checker – old version of the checker for detecting vulnerable DCOM objects; Checkerv2.0 – new version...
PsMapExec A PowerShell tool heavily inspired by the popular tool CrackMapExec / NetExec. PsMapExec aims to bring the function and feel of these tools to PowerShell with its own arsenal of improvements. PsMapExec is...
What is CommandoVM? Complete Mandiant Offensive VM (“CommandoVM”) is a comprehensive, customizable, Windows-based security distribution for penetration testing and red teaming. CommandoVM comes packaged with various offensive tools not included in Kali Linux, highlighting the...
SQLRecon Description A C# MS-SQL toolkit designed for offensive reconnaissance and post-exploitation. Mandatory Arguments The mandatory arguments consist of an authentication type (either Windows, Local or Azure), connection parameters and a module. -a – Authentication...
RedGuard – Excellent C2 Front Flow Control tool RedGuard is a derivative work of the C2 facility pre-flow control technology. It has a lighter design, efficient flow interaction, and reliable compatibility with go language...
NanoDump A flexible tool that creates a minidump of the LSASS process. Feature Process forking To avoid opening a handle to LSASS with PROCESS_VM_READ, you can use the –fork parameter. This will make nanodump create a...
Graphpython Graphpython is a modular Python tool for cross-platform Microsoft Graph API enumeration and exploitation. It builds upon the capabilities of AADInternals (Killchain.ps1), GraphRunner, and TokenTactics(V2) to provide a comprehensive solution for interacting with...
No-Consolation This is a Beacon Object File (BOF) that executes unmanaged PEs inline and retrieves their output without allocating a console (i.e. spawning conhost.exe). Feature Supports 64 and 32 bits Supports EXEs and DLLs...
EDRPrison EDRPrison leverages a legitimate WFP callout driver, WinDivert, to effectively silence EDR systems. Drawing inspiration from tools like Shutter, FireBlock, and EDRSilencer, this project focuses on network-based evasion techniques. Unlike its predecessors, EDRPrison installs and loads an...
pwnat pwnat, by Samy Kamkar, is a tool that allows any client behind a NAT to communicate with a server behind a separate NAT with no port forwarding and no DMZ setup on any routers to...
BlueToolkit BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices. It works by executing templated exploits one by one and verifying appropriate properties based...
