dll_imports_bof

A BOF to parse the imports of a provided PE-file, optionally extracting symbols on a per-dll basis.

dllloadpath

dllprox

Automatic DLL comment link generation and explaination of the DLL Proxying techniques

dnscan

dohc2

DoHC2 allows the ExternalC2 library from Ryan Hanson (https://github.com/ryhanson/ExternalC2) to be leveraged for command and control (C2) via DNS over HTTPS (DoH).

dolosjs

Red Team "Drop and Run" NAC (802.1x) Bypass

domain-fronting

High reputation Frontable Domains

domaincheck

DomainCheck is designed to assist operators with monitoring changes related to their domain names. This includes negative changes in categorization, VirusTotal detections, and appearances on malware blacklists. DomainCheck currently works only with NameCheap.

domainhunter

Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names

donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

dostoevsky-pentest-notes

Notes for taking the OSCP in 2097. Read in book form on GitBook

dotnetinject

Code samples of .NET shellcode injections, weaponized for use via WebDav and mshta.exe.

dragnmove

Infect Shared Files In Memory for Lateral Movement

dropspawn_bof

CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking

dumpert

LSASS memory dumper using direct system calls and API unhooking.

easynet

Simple packer for arbitrary data using only .NET API calls. Produces a unique signature with every usage. Standalone program and library. Algorithm: Data <-> GZip <-> AES-256 <-> Base64.

edd

Enumerate Domain Data

edr-telemetry

This project aims to compare and evaluate the telemetry of various EDR products.

edrsandblast

elevate-system-trusted-bof

elevatekit

The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.

elfloader

elusivemice

Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind

emailaddressmangler

This module mangles two lists of names together to generate a list of potential email addresses or usernames. It can also be used to simply combine a list of full names in the format (firstname lastname) into either email addresses or usernames.

embedinhtml

Embed and hide any file in an HTML file

embedurlinworddoc

.Net app to Generate Random Word (.doc) files with single URL link. Random contents and random name.

epplus

Create advanced Excel spreadsheets using .NET

espoofer

An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻

evasor

A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies

eventvieweruac_bof

Beacon Object File implementation of Event Viewer deserialization UAC bypass