0xbad53c Goto Github PK

0xbad53c.github.io

ansible-role-cobalt-strike

An Ansible role for installing Cobalt Strike.

auditd

Fork with customisation for partial integration into Wazuh for our detection lab.

bokuloader

A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

cattlestorm

Python wrapper script to interact with the BeEF (https://github.com/beefproject/beef) API and execute modules on all connected zombie browsers at the same time.

cobaltstrike_bofs

My CobaltStrike BOFS

confused

Tool to check for dependency confusion vulnerabilities in multiple package management systems

cs-remote-ops-bof

cve-2018-12533

RF-14310 / CVE-2018-12533 - Payload generator

cve-2018-14667

All about CVE-2018-14667; From what it is to how to successfully exploit it.

docker-impacket-smbserver

Simple docker file to start an SMB share with impacket smbserver

docker-mingw-w64

Dockerfiles to build containers with mingw-w64

docker_oneliners

Collection of docker oneliners to save time when compiling/running projects for security research & development.

evil-winrm

The ultimate WinRM shell for hacking/pentesting

gmapsapiscanner

jira-lens

Fast and customizable vulnerability scanner For JIRA written in Python

jira_scan

A simple remote scanner for Atlassian Jira

jiraffe

One stop place for exploiting Jira instances in your proximity

linuxprivchecker

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

npk

A mostly-serverless distributed hash cracking platform

offsecops-arsenal

Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.

osed-scripts

bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

osed-tools

Tools/scripts I used/developed during the EXP-301 course.

ossec-sysmon-for-linux-decoder

Rudimentary OSSEC/Wazuh decoder for Sysmon For Linux events. Drop it in /var/ossec/ruleset/decoders, restart OSSEC/Wazuh and start writing detection rules like you would do for Windows events!

peass-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

read-laps-password

Simple Csharp utility, created during the PEN-300 (OSEP) course. It reads the Local Admininistrator password of a domain-joined LAPS-enabled computer when you have the correct permissions.

sourcepoint

SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

ssh-default-banners

Nmap NSE script to identify Debian, Ubuntu, FreeBSD version based on default SSH banner response. Intended for Penentration Testing, OSCP/PWK, HackTheBox (HTB), TryHackMe, RootMe

sysmon-config

Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing

sysmon-modular

A repository of sysmon configuration modules