Red Team
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization,…
Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
Halberd: Multi-Cloud Attack Platform
A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object
Macro-header for compile-time C obfuscation (tcc, win x86/x64)
A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders implemented by C2 beacons) or other problematic executables tha…
Port of Cobalt Strike's Process Inject Kit
A collection of position independent coding resources
Minimalist Asterisk Caller ID Spoofer and Secondary VOIP Line Configuration Built for AWS
Cross-platform proxy resolution library written in C.
Sandbox approach for malware developers and red teamers to test payloads against detection mechanisms before deployment
WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API
An Aggressor Script that utilizes NtCreateUserProcess to run binaries
Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-native executables.
BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)