her0ness Goto Github PK

active-directory-exploitation-cheat-sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

aggressorscripts

Collection of scripts that I created to make my life easier.

aiosmb

Fully asynchronous SMB library written in pure python

alternativeshellcodeexec

Alternative Shellcode Execution Via Callbacks

assessment-mindset

Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.

av-edr-urls

AV/EDR companies netblocks

awesome-red-teaming

List of Awesome Red Teaming Resources

backupoperatortoda

From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller

blackhat-arsenal-tools

Official Black Hat Arsenal Security Tools Repository

bofallthethings

Creating a repository with all public Beacon Object Files (BoFs)

bofroast

Beacon Object Files for roasting Active Directory

bofs

Collection of Beacon Object Files

byeintegrity5-uac

Bypass UAC at any level by abusing the Task Scheduler and environment variables

callback_shellcode_injection

POCs for Shellcode Injection via Callbacks

carboncopy

A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux

cloudpentestcheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

cobaltstrikereflectiveloader

Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities.

ditto

Binary resource copier

donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

edrs

encrypt

Pseudorandom AES-256 encryption designed to protect shellcode and arbitrary strings. C# and C/C++ compatible.

findobjects-bof

A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or process handles.

go-shellcode

A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.

her0ness.github.io

✨ Build a beautiful and simple website in literally minutes. Demo at https://beautifuljekyll.com

hollow

EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and execute shellcode

hollows_hunter

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

inject-assembly

Inject .NET assemblies into an existing process

injectamsibypass

Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.

inlineexecute-assembly

InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module

invisibilitycloak

Proof-of-concept obfuscation toolkit for C# post-exploitation tools