Sandbox_Scryer - Tool For Producing Threat Hunting And Intelligence Data From Public Sandbox Detonation Output. Reviewed by Zion3R on 9:30 AM.
TeamFiltration - Cross-Platform Framework For Enumerating, Spraying, Exfiltrating, And Backdooring O365 AAD Accounts
Collect-MemoryDump - Automated Creation Of Windows Memory Snapshots For DFIR
Sandman - NTP Based Backdoor For Red Team Engagements In Hardened Networks
Whids - Open Source EDR For Windows
ProtectMyTooling - Multi-Packer Wrapper Letting Us Daisy-Chain Various Packers, Obfuscators And Other Red Team Oriented Weaponry
PenguinTrace - Tool To Show How Code Runs At The Hardware Level
FUD-UUID-Shellcode - Another shellcode injection technique using C++ that attempts to bypass Windows Defender using XOR encryption sorcery and UUID strings madness
AoratosWin - A Tool That Removes Traces Of Executed Applications On Windows OS
Java-Remote-Class-Loader - Tool to send Java bytecode to your victims to load and execute using Java ClassLoader together with Reflect API
NimGetSyscallStub - Get Fresh Syscalls From A Fresh Ntdll.Dll Copy
DeathSleep - A PoC Implementation For An Evasion Technique To Terminate The Current Thread And Restore It Before Resuming Execution, While Implementing Page Protection Changes During No Execution
XLL_Phishing - XLL Phishing Tradecraft
PersistenceSniper - Powershell Script That Can Be Used By Blue Teams, Incident Responders And System Administrators To Hunt Persistences Implanted In Windows Machines
Coercer - A Python Script To Automatically Coerce A Windows Server To Authenticate On An Arbitrary Machine Through 9 Methods
ApacheTomcatScanner - A Python Script To Scan For Apache Tomcat Server Vulnerabilities
Masky - Python Library With CLI Allowing To Remotely Dump Domain User Credentials Via An ADCS Without Dumping The LSASS Process Memory
Concealed_Code_Execution - Tools And Technical Write-Ups Describing Attacking Techniques That Rely On Concealing Code Execution On Windows
Chisel-Strike - A .NET XOR Encrypted Cobalt Strike Aggressor Implementation For Chisel To Utilize Faster Proxy And Advanced Socks5 Capabilities