28 repository-uri
Tools for password spraying and generating malicious payloads.
Explore 28 awesome GitHub repositories matching part of an awesome list · Initial Access Frameworks. Refine with filters or upvote what's useful.
Donut is a toolset for loading and executing payloads in memory, featuring a position-independent shellcode generator, an in-memory payload injector, and a .NET assembly loader. It is designed to convert executable files and scripts into shellcode that can be executed within the memory space of a remote process without writing files to disk. The project specializes in security evasion through memory-based patching and payload obfuscation using symmetric block ciphers and compression. It includes a remote payload stager to retrieve encrypted modules from HTTP or DNS servers during runtime, red
In-memory execution of various file types and assemblies.
To view the latest version of ScareCrow or to submit an issue, reference https://github.com/Tylous/ScareCrow.
Payload creation framework designed for EDR evasion.
generate CobaltStrike's cross-platform payload
Generating cross-platform payloads for command frameworks.
A tool to abuse Exchange services
Remote interaction with exchange servers.
SharpSploit is a .NET post-exploitation library written in C# that aims to highlight the attack surface of .NET and make the use of offensive .NET easier for red teamers.
Library for .NET post-exploitation tasks.
:triangularflagon_post: This is the public repository of Inceptor, for latest version and updates please consider supporting us through https://porchetta.industries/
Template-driven framework for AV and EDR evasion.
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Efficient password spraying against enterprise services.
evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
Evasion techniques to bypass security product detection.
To view the latest version of Freeze or to submit an issue, reference https://github.com/Tylous/Freeze.
Toolkit for bypassing EDRs using suspended processes.
Identifying bytes flagged by security software.
Shhhloader is a work in progress shellcode loader. It takes raw shellcode as input and compiles a C++ stub that does a bunch of different things to try and bypass AV/EDR. The included python builder will work on any Linux system that has Mingw-w64 installed.
Shellcode loader designed to bypass security monitoring.
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
Password spraying with IP rotation to bypass throttling.
A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA scripts. The current gadget triggers a call to Activator.CreateInstance() when deserialized using BinaryFormatter from jscript/vbscript/vba, this…
Generating serialized gadgets for .NET assembly execution.
c++ fully undetected shellcode launcher ;)
Undetected shellcode launcher written in C++.
Store and execute an encrypted windows binary from inside memory, without a single bit touching disk.
Windows antivirus evasion for payloads.
Weaponize DLL hijacking easily. Backdoor any function in any DLL without disrupting normal process operation.
Weaponizing DLL hijacking for backdoor creation.
To view the latest version of Ivy or to submit an issue, reference https://github.com/Tylous/Ivy.
Framework for executing VBA code directly in memory.
script to retrieve information via O365 and AzureAD with a valid cred
Retrieving information from cloud services with valid credentials.
Shellcode runner framework for application whitelisting bypasses and DLL side-loading. The shellcode included in this project spawns calc.exe.
Shellcode runner for application whitelisting bypass.