Stars
Fast passive subdomain enumeration tool.
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share th…
Medusa is a cross-platform C2 agent compatible with Python 2.7 and 3.8, compatible with Mythic
Mythic C2 agent targeting Linux and Windows hosts written in Rust
Stealing Signatures and Making One Invalid Signature at a Time
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
rasta-mouse / ThreatCheck
Forked from matterpreter/DefenderCheckIdentifies the bytes that Microsoft Defender / AMSI Consumer flags on.
Starkiller is a Frontend for PowerShell Empire.
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
Start new PowerShell without etw and amsi in pure nim
An isolated environment for DNS cache poisoning attack investigation and demonstration.
Identify privilege escalation paths within and across different clouds
Monitor for any changes in your node.js application and automatically restart the server - perfect for development
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environmen…
Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.
Inject .NET assemblies into an existing process
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
PowerSploit - A PowerShell Post-Exploitation Framework
WhiteWinterWolf's PHP web shell
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Flipper Zero firmware source code