A repository of credential stealer formats

LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. This project gathers procedural examples from public reports …

Extracted Yara rules from Windows Defender mpavbase and mpasbase

A collection of fascinating and bizarre Censys Search Queries

Client for PPP+TLS VPN tunnel services

Windows x64 handcrafted token stealing kernel-mode shellcode

Create and enumerate hidden desktops.

This script forwards a number of configured local ports to local or remote socket servers.

用于记录内网渗透(域渗透)学习 :-)

BlackLotus UEFI Windows Bootkit

Cobalt Strike kit for Persistence

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+

It is the file manager. It has a single file, this file does all tasks. PHP File Manager

Cobalt Strike BOF Files with Nim!

Load any Beacon Object File using Powershell!

A collection of various tools for red-teaming exercises. A mix of C#, Powershell, & Python

Raw syscall implementations with Powershell

botnet browser chrome,mozilla firefox,capture card number any web site ,paypal,facebook,e-commerce ,get card number,expiration date, CVV , best keylogger javascript

COFF and BOF Loader written in Nim

Exploiting CVE-2021-44228 in vCenter for remote code execution and more.

A tool to extract the IdP cert from vCenter backups and log in as Administrator

HVNC for Cobalt Strike

Resolve WinAPI func. Custom GetProcAddress and GetModuleHandle written in Nim

Tool aided persistence via Windows URI schemes abuse

SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications

Tools & Interesting Things for RedTeam Ops

c2 traffic

Modified code so that we don´t need to rely on CAB archives