0xajstrike Goto Github PK

cobaltstr4.4

Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as "adversary simulation software designed to execute targeted attacks and emulate the post-exploitation actions of advanced threat actors". Cobalt Strike’s interactive post-exploit capabilities cover the full range of ATT&CK tactics, all executed within a single, integrated system.

cobaltstr4.5

Cobalt Strike 4.5 cracked version.

codecepticon

coercer

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.

conftalks

cornershot

Amplify network visibility from multiple POV of other hosts

credbandit

Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that back through your already existing Beacon communication channel

cronos

PoC for a new sleep obfuscation technique leveraging waitable timers to evade memory scanners.

crux

A proof-of-concept malicious Chrome extension

defender_exclusions-bof

A BOF to determine Windows Defender exclusions.

delegationbof

deobfuscar-static

Static Obfuscar Deobfuscator

disable-windows-defender

dll4shell

Shellcode launcher for AV bypass

dnspy

Revival of the well known .NET debugger and assembly editor, dnSpy

dnsstager

Hide your payload in DNS

donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

duedlligence

edrs

edrsandblast

efspotato-1

MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability

elastiflow

Network flow analytics (Netflow, sFlow and IPFIX) with the Elastic Stack

evasions

Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.

ews-crack

ewstoolkit

Abusing Exchange via EWS

external-sender-eliminator

A simple Python email client to assist in finding loopholes in email gateway policies that append or affix "external sender" messages to external emails

filelessremotepe

Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique

foliage

Experiment on reproducing Obfuscate & Sleep

freeze

Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

functionstomping

A new shellcode injection technique. Given as C++ header or standalone Rust program.