dllexical |
Small workbench for simplifying DLL hijack payload generation by adding DLL Forwards to binaries (Go) |
dllinquent |
ioutil.Scanner interface for walking PE PEBs (Go) |
rpcls |
Pull loaded DLLs from the PEB and imported functions from the in-memory IAT to see if the process is hosting RPC (Go) |
ino |
PE parser that extracts Imports, Exports, Forwards to Cypher-friendly JSON for Neo4j ingestion (Go) |
gorsh |
Toy malware and reverse shell for CTFs. Includes enum scripts and exfil options (Go) |
passdb-frontend |
Svelte.js frontend for pivoting around public password dumps (JS) |
passdb-backend |
API for passdb-frontend using GCP BigQuery as its data source (Go) |
letsproxy |
One-liner reverse proxy that generates TLS certs (Go) |
doxycannon |
Use docker to spin up concurrent VPNs and rotate traffic through them (Python) |
holeysocks |
Module for implementing reverse socks through SSH (Go) |
git-ls |
Map GitHub (and Enterprise) Access Token relationships, pull all private repos to which the token has been given access (Go) |
kh |
CLI to test validity of various API service tokens (Go) |
sudophisher |
ASKPASS programs for stealing git, ssh, sudo passwords (Go) |
doubletap |
Headless browser for evaluating JS to defeat dynamic nonces, etc., for password spraying (Ruby/Docker) |
amnesia |
Wipes free memory to mess with the likes of EnCase, Volatility, etc. (Go) |
msldapuac |
A package for retrieving values from the Microsoft LDAP property UserAccountControl |
davil |
Intranet Zone breakout - leak Net-NTLM hashes over the internet
hearsay |
A proxy-aware reverse HTTP proxy and concentrator |