CONTROL C2 is a command and control framework designed for red teamers and penetration testers.

PowerShell MachineAccountQuota and DNS exploit tools

PowerShell script to generate ShellCode in various formats

Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environmen…

You didn't think I'd go and leave the blue team out, right?

Tool to bypass LSA Protection (aka Protected Process Light)

Microsoft signed ActiveDirectory PowerShell module

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

Automated Adversary Emulation Platform

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.

A repository that maps API calls to Sysmon Event ID's.

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

Trying to tame the three-headed dog.

PowerSploit - A PowerShell Post-Exploitation Framework

Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

HTA encryption tool for RedTeams

Defanged Indicator of Compromise (IOC) Extractor.

A tool to create a JScript file which loads a .NET v2 assembly from memory.

The Network Execution Tool

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.

Red Teaming Tactics and Techniques

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Powershell tool to automate Active Directory enumeration.

Execute unmanaged Windows executables in CobaltStrike Beacons

ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.