trustedsec Goto Github PK

artillery

The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.

auto_settingcontent-ms

This is a quick POC for using the Matt Nelson (enigma0x3) technique for generating a malicious .SettingContent-ms extension type for remote code execution. This automates generating an HTA downloader and embeds it in the SettingContent-ms file for you and starts Apache.

coffloader

conqr

ConQR is an open source ticketing system for conferences to issue QRCode's in a quick, efficient, and easy manner.

cors-poc

crackhound

crackmapexec

A swiss army knife for pentesting Windows/Active Directory environments

cs-remote-ops-bof

cs-situational-awareness-bof

Situational Awareness commands implemented using Beacon Object Files

cs_coffloader

cve-2019-19781

This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.

defensive-scripts

egressbuster

Egressbuster is a method to check egress filtering and identify if ports are allowed. If they are, you can automatically spawn a shell.

elfloader

hardcidr

hardCIDR is a Linux Bash script, but also functions under macOS. Your mileage may vary on other distros. The script with no specified options will query ARIN and a pool of BGP route servers. The route server is selected at random at runtime.

hash_parser

This is a hash parser that will export a rc file compatible with Metasploit. This is useful when compromising a separate domain and want to see if any of the credentials work on another domain or other systems.

hate_crack

A tool for automating cracking methodologies through Hashcat from the TrustedSec team.

honeybadger

impede

inproc_evade_get-injectedthread

PoC code from blog

llvm-obfuscation-experiments

metasploit-framework

Metasploit Framework

meterssh

MeterSSH is a way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection. The way it works is by injecting shellcode into memory, then wrapping a port spawned (meterpeter in this case) by the shellcode over SSH back to the attackers machine. Then connecting with meterpreter's listener to localhost will communicate through the SSH proxy, to the victim through the SSH tunnel. All communications are relayed through the SSH tunnel and not through the network.

nps_payload

This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several different sources. Written by Larry Spohn (@Spoonman1091) Payload written by Ben Mauch (@Ben0xA) aka dirty_ben

obsidian-vault-structure

orpheus

Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types

physical-docs

This is a collection of legal wording and documentation used for physical security assessments. The goal is to hopefully allow this as a template for other companies to use and to protect themselves when conducting physical security assessments.

pivoter

Pivoter is a proxy tool for pentesters to have easier lateral movement.

pplfaultdumpbof

proxy_helper

Proxy Helper is a WiFi Pineapple module that will automatically configure the Pineapple for use with a proxy such as Burp Suite.