Category: Ethical Hacking
Rubeus Rubeus is a C# toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy’s Kekeo project (CC BY-NC-SA 4.0 license) and Vincent LE TOUX’s MakeMeEnterpriseAdmin project (GPL v3.0 license). Full credit goes to Benjamin and Vincent for...
pypykatz Mimikatz implementation in pure Python Why do I need these dumps files? To create mimikatz in Python, one would have to create structure definitions of a gazillion different structures (check the original code)...
PoC – EXE or DLL or ShellCode This is just a simple silly PoC demonstrating an executable “exe” file that can be used like exe, DLL, or shellcode… Steps Create an “exe” which has...
EchoStrike EchoStrike is a tool designed to generate undetectable reverse shells and perform process injection on Windows systems. Through an interactive wizard written in Python, users can customize their binaries with advanced persistence and encryption techniques. The malware code is written...
GhostStrike GhostStrike is an advanced cybersecurity tool designed for Red Team operations, featuring sophisticated techniques to evade detection and perform process hollowing on Windows systems. Feature Dynamic API Resolution: Utilizes a custom hash-based method to dynamically...
Infiltrax Infiltrax is a post-exploitation reconnaissance tool for penetration testers and red teams, designed to capture screenshots, retrieve clipboard contents, log keystrokes, bypass UAC and install AnyDesk for persistent remote access. Feature Screenshot Capture:...
Ligolo-ng : Tunneling like a VPN An advanced, yet simple, tunneling tool that uses a TUN interface. Ligolo-ng is a simple, lightweight, and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection without the need of...
BAADTokenBroker BAADTokenBroker is a post-exploitation tool designed to leverage device-stored keys (Device key, Transport key, etc.) to authenticate to Microsoft Entra ID. Use Import BAADTokenBroker in your target machine. PS C:\ > import-module .\BAADTokenBroker.ps1...
lsassy Python library to remotely extract credentials. This library uses impacket projects to remotely read necessary bytes in lsass dump and pypykatz to extract credentials. Different lsass dumping methods are implemented in lsassy, and some options are provided to...
Kraken Kraken is a powerful, Python-based tool designed to centralize and streamline various brute-forcing tasks. Kraken provides a suite of tools for cybersecurity professionals to efficiently perform brute-force attacks across a range of protocols and...
LayeredSyscall Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR hooks in Windows. The general idea is to generate a legitimate call stack before...
SHELLSILO SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the process of constructing and utilizing structures, assigning variables, and making system calls. With this...
SharpDPAPI SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi’s Mimikatz project. The SharpChrome subproject is an adaptation of work from @gentilkiwi and @djhohnstein, specifically his SharpChrome project. However, this version of SharpChrome uses a different version of the C# SQL library that...
USP Establishes persistence on a Linux system by creating a udev rule that triggers the execution of a specified payload (binary or script) Feature This Go program establishes persistence on a Linux system by...
Tempest Tempest is a command and control framework written in 100% Rust. TEMPEST COMPONENTS: anvil – server 2 servers with APIs. All APIs are authenticated and unauth-discovery resistant. sqlite local database internal functions (building imps,...
SCCMSecrets SCCMSecrets.py is an SCCM policies exploitation tool. It goes beyond NAA credentials extraction, and aims to provide a comprehensive approach regarding SCCM policies exploitation. The tool can be executed from various levels of...