netbiosX's Projects
Active Directory Control Paths auditing and graphing tools
Aggressor scripts I've made for Cobalt Strike
Includes 5 Known Application Whitelisting / Application Control Bypass Techniques in One File.
A fake AMSI Provider which can be used for persistence.
Hide Mimikatz From Process Lists
A Catalog of Application Whitelisting Bypass Techniques
A collected list of awesome security talks
Slides & Code BlueHat 2016
A tool to generate a custom code signing certificate chain and generate instructions to sign a binary. Useful for establishing persistence on a penetration test.
Commands to perform various activities related to penetration testing and red teaming
Red Teaming & Pentesting checklists for various engagements
The website version for checklists project
Execute Mimikatz Inside of ClickOnce Application
This cheatsheet is aimed at Red Teamers to help them understand the fundamentals of Credential Dumping (Sub Technique of Credential Access) with examples. There are multiple ways to perform the same tasks.
Microsoft Office / COM Object DLL Planting
Default usernames and passwords for various systems (VoIP, IPMI, Oracle).
Code Samples and Slides From DerbyCon 2016
Binaries, PowerShell scripts and information about Digital Signature Hijacking.
A tool to create a JScript file which loads a .NET v2 assembly from memory.
Executes Mixed .NET and Native DLL via regsvr32
Installs And Executes Shellcode
A fully featured backdoor that uses Gmail as a C&C server
GhostLoader - AppDomainManager - Injection - Ghost in the Shell
Minimal WIN32 Debugger in PowerShell
PowerShell HTTP(s) Intercepting Proxy
Frameworks, Methodologies, Detection Rules and Tooling for establishing a Purple Team program.
Kernel privilege escalation enumeration and exploitation framework
Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software.