mimikatz
A powerful tool for extracting passwords and performing various Windows security operations.
Malleable C2 provides operators with a method to mold Cobalt Strike command and control traffic to their will. For instance, if you determine your target organization allows employees to use Pandora, you could create a profile to make Cobalt Strike's C2 traffic look like Pandora on the wire. Alternatively, if a client wants to test detection capabilities, you could make your traffic look like a well-known malware toolkit like Zeus. This post covers how to create new Malleable C2 profiles for Cobalt Strike, using examples and code snippets to illustrate the process. It's not fun to get caught on an assessment because your target has your toolset signatured. It's even less fun if that signature is easily bypassed. Cobalt Strike's Malleable C2 is a method of avoiding that problem when it comes to command and control (C2) traffic.
A powerful tool for extracting passwords and performing various Windows security operations.
High-performant, coroutines-driven, and fully customisable Low & Slow load generator for real-world pentesting with undetectability through Tor.
A C#-based Command and Control Framework for remote access and control of compromised systems.
GraphSpy is a token management tool that allows users to store and manage access and refresh tokens for multiple users and scopes in one location.
FOCA is a tool used to find metadata and hidden information in scanned documents, with capabilities to analyze various file types and extract EXIF information.
A PowerShell toolkit for attacking Azure environments