Devid Lana's Projects
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Collection of scripts that I created to make my life easier.
Fully asynchronous SMB library written in pure python
Alternative Shellcode Execution Via Callbacks
Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
AV/EDR companies netblocks
List of Awesome Red Teaming Resources
From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller
Official Black Hat Arsenal Security Tools Repository
Creating a repository with all public Beacon Object Files (BoFs)
Beacon Object Files for roasting Active Directory
Collection of Beacon Object Files
Bypass UAC at any level by abusing the Task Scheduler and environment variables
POCs for Shellcode Injection via Callbacks
A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities.
Binary resource copier
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
Pseudorandom AES-256 encryption designed to protect shellcode and arbitrary strings. C# and C/C++ compatible.
A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or process handles.
A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.
✨ Build a beautiful and simple website in literally minutes. Demo at https://beautifuljekyll.com
EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and execute shellcode
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Inject .NET assemblies into an existing process
Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module
Proof-of-concept obfuscation toolkit for C# post-exploitation tools