X-Force Red

All

26 repositories

VectoredExceptionHandling
Public
C
•10•27•0•0•Updated Aug 21, 2024Aug 21, 2024
ADOKit
Public
Azure DevOps Services Attack Toolkit
C#
•
Apache License 2.0
•53•256•0•0•Updated Aug 8, 2024Aug 8, 2024
BokuLoader
Public
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
C
•
MIT License
•244•317•0•0•Updated Jul 20, 2024Jul 20, 2024
SQLRecon
Public
A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
C#
•
BSD 3-Clause "New" or "Revised" License
•113•384•0•0•Updated Jul 18, 2024Jul 18, 2024
DayBird
Public
Extension functionality for the NightHawk operator client
C#
•9•26•0•0•Updated Oct 31, 2023Oct 31, 2023
Windows_MSKSSRV_LPE_CVE-2023-36802
Public
LPE exploit for CVE-2023-36802
C
•40•22•0•0•Updated Oct 10, 2023Oct 10, 2023
BOFMask
Public
C
•26•117•0•0•Updated Jun 28, 2023Jun 28, 2023
AdvSim.Cryptography
Public
Simple and sane cryptographic wrapper library.
C#
•
MIT License
•4•26•0•1•Updated Apr 21, 2023Apr 21, 2023
Windows_LPE_AFD_CVE-2023-21768
Public
LPE exploit for CVE-2023-21768
C
•163•417•0•0•Updated Mar 8, 2023Mar 8, 2023
AdvSim.Compression
Public
Simple and sane compression wrapper library.
C#
•2•9•0•0•Updated Oct 28, 2022Oct 28, 2022
SCMKit
Public
Source Code Management Attack Toolkit
C#
•
Apache License 2.0
•49•126•0•0•Updated Sep 20, 2022Sep 20, 2022
wubblegum
Public
A smart card reconnaissance tool able to map out many different kinds of smart cards.
Python
•
BSD 3-Clause "New" or "Revised" License
•0•9•0•0•Updated Aug 22, 2022Aug 22, 2022
goEnum
Public
goEnum is a modular and system-agnostic enumeration framework
Go
•
BSD 3-Clause "New" or "Revised" License
•1•0•0•0•Updated Aug 17, 2022Aug 17, 2022
WFH
Public
Python
•69•180•0•0•Updated Aug 17, 2022Aug 17, 2022
InvisibilityCloak
Public
Proof-of-concept obfuscation toolkit for C# post-exploitation tools
Python
•163•414•0•0•Updated Jul 22, 2022Jul 22, 2022
elfpack
Public
ELF Sectional docking payload injector system
C++
•9•21•0•0•Updated Jun 28, 2022Jun 28, 2022
CheckCert
Public
Obtain and parse SSL certificates
C
•11•9•0•1•Updated Mar 17, 2022Mar 17, 2022
xPipe
Public
Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
C
•23•51•0•0•Updated Dec 21, 2021Dec 21, 2021
scan4log4shell
Public
A Burp Pro extension that adds log4shell checks to Burp Scanner.
Python
•
BSD 3-Clause "New" or "Revised" License
•5•26•0•0•Updated Dec 12, 2021Dec 12, 2021
StandIn
Public
StandIn is a small .NET35/45 AD post-exploitation toolkit
C#
•118•254•0•0•Updated Dec 2, 2021Dec 2, 2021
GetWebDAVStatus
Public
Determine if the WebClient Service (WebDAV) is running on a remote system
C
•26•26•0•0•Updated Sep 29, 2021Sep 29, 2021
Detect-Hooks
Public
Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR
C
•30•96•0•0•Updated Jul 22, 2021Jul 22, 2021
CredBandit
Public
Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that back through your already existing Beacon communication channel
C
•54•232•0•0•Updated Jul 14, 2021Jul 14, 2021
InlineExecute-Assembly
Public
InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module
C
•121•184•0•2•Updated Jul 9, 2021Jul 9, 2021
python_intruder_payloads
Public
A Burp Suite extension to allow Burp Intruder payloads to be processed and generated using custom Python scripts.
Python
•
BSD 3-Clause "New" or "Revised" License
•1•5•0•0•Updated Apr 26, 2021Apr 26, 2021
Dendrobate
Public
Managed code hooking template.
C#
•
Other
•27•106•0•0•Updated Feb 15, 2021Feb 15, 2021