Stars
This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim opens the phishing link and instantly redirects them to the …
Azure administrative tiering based on known attack paths
BOF for Kerberos abuse (an implementation of some important features of Rubeus).
A BloodHound collector for Microsoft Configuration Manager
Situational Awareness commands implemented using Beacon Object Files
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
Real-time face swap and one-click video deepfake with only a single image
A red team tool that assists in extracting/dumping master credentials and/or entries from different password managers.
BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
Zipper, a CobaltStrike file and folder compression utility.
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
Print Spooler Named Pipe Impersonation for Cobalt Strike
CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
Utility to download and extract document metadata from an organization. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.
EWSEditor is a large sample which shows how Exchange Web Services (EWS) calls can be done in code.
Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin privileges.
Python tool to check running WebClient services on multiple targets based on @leechristensen
Collection of Beacon Object Files (BOF) for Cobalt Strike