sidaf / moonshine
☆67 · Updated 10 months ago
Related projects:
- Abuse Azure API permissions for red teaming ☆55 · Updated last year
- Slide decks and/or materials from conference presentations ☆55 · Updated last year
- ☆83 · Updated 2 years ago
- ☆42 · Updated 2 months ago
- This repository is meant to catalog network and host artifacts associated with various EDR products' "shell" and response functionalities. ☆64 · Updated 2 weeks ago
- Lifetime AMSI bypass. ☆35 · Updated 2 months ago
- Source code and examples for PassiveAggression ☆54 · Updated 3 months ago
- Two in one, patch lifetime PowerShell console, no more ETW and AMSI! ☆79 · Updated 2 months ago
- Example code samples from our ScriptBlock Smuggling Blog post ☆80 · Updated 3 months ago
- 🌩️ Collection of BloodHound queries for Azure ☆40 · Updated last month
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks). ☆53 · Updated last year
- Microsoft Graph API post-exploitation toolkit ☆90 · Updated 2 months ago
- ☆45 · Updated this week
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later ☆88 · Updated last year
- ☆69 · Updated 10 months ago
- ☆63 · Updated 6 months ago
- ☆18 · Updated this week
- A simple PoC showcasing the ability of an admin to suspend EDR's protected processes, making it useless ☆39 · Updated 2 months ago
- Malleable profile generator GUI for Havoc ☆53 · Updated last year
- Living Off the Foreign Land setup scripts ☆61 · Updated last month
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft ☆50 · Updated 4 months ago
- ☆101 · Updated 4 months ago
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API ☆88 · Updated last year
- Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance. ☆34 · Updated 6 months ago
- This workshop is designed to provide you with a solid understanding of IronPython, its integration with the .NET framework, and how it ca… ☆31 · Updated 6 months ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files. ☆77 · Updated last year
- Python module for running BOFs ☆63 · Updated last year
- Enumerate information from NTLM authentication enabled web endpoints 🔎 ☆34 · Updated last year
- Utilities for obfuscating shellcode ☆38 · Updated 2 months ago
- A VSCode devcontainer for development of COFF files with batteries included. ☆47 · Updated last year