Immoral Fiber This repository contains two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) PhantomThread (An evolved callstack-masking implementation) It also contains an example test...
Amnesiac Amnesiac is a post-exploitation framework designed to assist with lateral movement within active directory environments. Amnesiac is being developed to bridge a gap on Windows OS, where post-exploitation frameworks are not readily available unless...
okta-terrify Okta Terrify is a tool to demonstrate how passwordless solutions such as Okta Verify’s FastPass or other FIDO2/WebAuthn type solutions can be abused once an authenticator endpoint has been compromised. Whilst Okta Terrify...
Invoke-ADEnum Invoke-ADEnum is an enumeration tool designed to automate the process of gathering information from an Active Directory environment. With Invoke-ADEnum, you can enumerate various aspects of Active Directory, including forests, domains, trusts, domain...
PrivescCheck This script aims to identify Local Privilege Escalation (LPE) vulnerabilities that are usually due to Windows configuration issues, or bad practices. It can also gather useful information for some exploitation and post-exploitation tasks. Check types...
GoDefender This Go package provides functionality to detect and defend against various forms of debugging tools and virtualization environments Anti-Virtualization Triage Detection: Detects if the system is running in a triage or analysis environment....
What is afrog afrog is a high-performance vulnerability scanner that is fast and stable. It supports user-defined PoC and comes with several built-in types, such as CVE, CNVD, default passwords, information disclosure, fingerprint identification,...
FalconHound FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with an SIEM...
reconftw reconFTW automates the entire process of reconnaissance for you. It outperforms the work of subdomain enumeration along with various vulnerability checks and obtaining maximum information about your target. reconFTW uses a lot of techniques...
OdinLdr Cobaltstrike UDRL with memory evasion Features: Redirect all WININET calls over callstack crafting Encrypt beacon during sleep Encrypt beacon heap during sleep Self delete of loader EXECUTION OF LOADER 1 – Create heap...
HuntRthys HuntRthys is a specific, modern, and fast command and control detection tool written to detect Command and Control (C2) servers used by the Rhadamanthys Stealer Malware. HuntRthys provides the most reliable and fastest...
Zeek & Grafana Integration for Network Monitoring This repository provides a quick way to get started using Zeek with a practical use case. The focus is to analyse a network pcap and enable easy...
