Libation: Liberate your Library

Quick python utility I wrote to turn HTTP requests from burp suite into Cobalt Strike Malleable C2 profiles

A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX

🙃 Reverse Shell Cheat Sheet 🙃

CMD - Command Cheat Sheat ✅

This project is now discontinued. Kindly use other working alternatives.

Inject .NET assemblies into an existing process

A .NET Framework 4.0 Windows Agent

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

DLL and PowerShell script to assist with finding DLL hijacks

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

Reflow Master is an open source Toaster Oven reflow controller that includes both hardware and software.

Exploit Development, backdooring PE, bypassing Anti-Virus (AV), assembly shellcoding

Site Admin Page Finder with Python Script | Edited By Sir.4m1R

WordPress Plugin Security Testing Cheat Sheet

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

These are exploits created to avoid the use of Metasploit. While studying for OSCP in the Offsec labs, VHL, Vulnhub, etc, I tried to find ways to limit my use of Metasploit and Meterpreter shells.

This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010

Basically a script thrift shop

A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.

Windows Exploit Suggester - Next Generation

Windows / Linux Local Privilege Escalation Workshop

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Privesc through import of Sheduled tasks + Hardlinks - CVE-2019-1069

HW: A beermat-sized PCB with FPGA, SDRAM, Hi-Speed USB & 50 FPGA I/Os

An open source miniPCIe development board based on the Xilinx Spartan 6 LX150T