A tool which is uses to remove Windows Defender in Windows 8.x, Windows 10 (every version) and Windows 11.

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

A BOF that runs unmanaged PEs inline

Phishing with a fake reCAPTCHA

Disconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines

Pre-Built Vulnerable Environments Based on Docker-Compose

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

A collection of Azure AD/Entra tools for offensive and defensive security purposes

Tools for interacting with authentication packages using their individual message protocols

GhostLoader - AppDomainManager - Injection - 攻壳机动队

.net config loader

Reflective DLL loading of your favorite Golang program

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST

A method of bypassing EDR's active projection DLL's by preventing entry point exection

Please no pull requests for this repository. Thanks!

SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.

Proof-of-concept obfuscation toolkit for C# post-exploitation tools

Enumerate the Domain for Readable and Writable Shares

Process Injection using Thread Name

PDF dropper Red Team Scenairos