RedTips
Red Team Tips as posted by @vysecurity on TwitterLinkedInt
LinkedIn Recon ToolDomLink
A tool to link a domain with registered organisation names and emails, to other domains.DomainFrontingLists
A list of Domain Frontable Domains by CDNmorphHTA
morphHTA - Morphing Cobalt Strike's evil.HTAANGRYPUPPY
Bloodhound Attack Path Automation in CobaltStrikeIPFuscator
IPFuscator - A tool to automatically generate alternative IP representationsAggressor-VYSEC
CVE-2017-8759
CVE-2017-8759 - A vulnerability in the SOAP WDSL parser.ps1-toolkit
Obfuscated Penetration Testing PowerShell scriptsgenHTA
Generates anti-sandbox analysis HTA files without payloadsCVE-2018-4878
Aggressor Script to launch IE driveby for CVE-2018-4878checkO365
checkO365 is a tool to check if a target domain is using O365CobaltSplunk
Splunk Dashboard for CobaltStrike logsATT-CK_Analysis
Repository for my ATT&CK analysis research.FSharp-Shellcode
F# Implementation to spawn shellcodeInvoke-ProcessScan
Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.AzureAppC2
A script that can be deployed to Azure App for C2 / Proxy / RedirectorbasicAuth
Basic Auth Phish pageShellcodeConversion
A collection of shell code conversion scripts that I have written over time for repetitive tasksRDPInception
A script to attack users who are RDPing into a machine and recurse this attack. For security testers and attack simulations.Office365TenantsList
Office365 Tenants ListWindfarmDynamite-CNA
CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exeEmpireAMSI
DoH-Servers
DNS over HTTPS ServersBadIP
Bad Security Vendor IPswepwnise
A generator to weaponize Macro payloads that can evade EMET and utilises native VB migration.PWNDB
Parse PWNDBautovpn
Easily connect to a VPN in a country of your choiceCloudServiceLists
Tenants list for each cloud service.CVE-2020-0796
CVE-2020-0796 - Working PoC - 20200313vysecurity
PacketParser
A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.SCTPersistence
Create COM Objects backed by Scripts, not DLLsnuclei-templates-notags
CVE-2021-40444
DriverVulnCheck
Takes Bruteratel `drivers` output and checks it against loldrivers.ioLinkedin_Connect_NEWUI
A Python Script that controls Selenium to automate the process of connecting on LinkedInmalleable-profiles
IIS_exploit
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.test-conf
Archive
Archivevysecurity.github.io
DomainFrontingProxies
A list of Domain Fronting Proxies that are known to permit or break Domain FrontingHOLYWATER
nextjs-blog-theme
Love Open Source and this site? Check out how you can help us