Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

A suite of services over Citrix, VMware Horizon and native Windows RDP.

A Reflective Loader for macOS

Phishing with a fake reCAPTCHA

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

Python DNS Name Server Framework

In this Arsenal lab session, we will extract firmware from an EV charger, dig into the firmware, and eventually emulate it so we can interact with the services in real-time.

红蓝对抗：钓鱼演练资源汇总&备忘录

A C# utility for interacting with SCCM

HVNC for Cobalt Strike

Poseidon is a Golang agent targeting Linux and macOS

Swift 5 macOS agent

NTLM relaying for Windows made easy

HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.

A .NET tool for exporting and importing certificates without touching disk.

Set of tools to analyze Windows sandboxes for exposed attack surface.

Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.

LoadLibrary for offensive operations

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.