An Azure Function that validates and relays Cobalt Strike beacon traffic based on Malleable C2 profile authentication.

PowerSploit is a PowerShell-based penetration testing framework containing modules for code execution, injection techniques, persistence, and various offensive security operations.

Documentation of an AWS IAM privilege escalation technique that exploits the iam:CreatePolicyVersion permission to gain elevated access through policy manipulation.

CloudCopy implements a cloud version of the Shadow Copy attack to extract domain user hashes from AWS-hosted domain controllers by creating and mounting volume snapshots.

A post-exploitation framework for attacking AWS infrastructure, enabling attacks on EC2 instances without SSH keypairs and extraction of AWS secrets and parameters.