├── AV-Evasion ├── AMSI │ ├── amsi.ps1 │ └── amsi.txt ├── CLM_Bypass │ ├── Bypass_CLM_InjectionManual_RCE.cs │ └── README.md └── DisableSecuritySettings │ └── dropAV_AND_More.ps1 ├── DropperJscript └── script.js ├── EncryptingVBAPayloadForMACRO └── payloadMacroComplex.vb ├── GenerationPayload ├── DowloadString │ ├── payload64.txt │ └── payload86.txt ├── EncryptPowershell │ └── scriptPowershell.py ├── VBA │ └── MACRO │ │ └── shell.vb ├── autoscript.rc ├── commandGenerationPowershellCommand64.ps1 └── payload │ ├── PayloadFInalAfterXOR.exe │ ├── base64PayloadEncode.txt │ └── c32.sharp ├── GetUsers.py ├── HTMLSMUGGLING ├── base64.txt └── downloadManual.html ├── In-memoryPowerShell └── class1.cs ├── LAPS ├── LAPSToolkit.ps1 └── SharpLAPS.exe ├── Linux └── SharedLibraryHijackingViaLD_LIBRARY_PATH │ ├── hax.c │ ├── hax.o │ └── libhax.so ├── Others └── PortingPowerShellCode │ └── shell.ps1 ├── PAYLOADS ├── ELF │ ├── challenge3final.elf │ ├── linuxshell.c │ └── tpsreports.elf ├── EncryptingFinalPayloadXOR │ ├── README.md │ ├── Step1.cs │ └── Step2.cs ├── EncryptingVBAPayloadForMACRO │ ├── Encrypting_VBA_XOR.cs │ └── payloadMacro.vb ├── PowershellIntoMEMORY │ ├── payload64.txt │ ├── payload64NoAMSI.txt │ └── payload86.txt ├── Simple-Use-It-With-AMSI-InCase-DropPS1 │ └── drop.ps1 ├── VBAShellcodeRunner │ └── payload.vb └── shellToBEXOR.aspx ├── PHISHING ├── emails.txt ├── issue.hta └── ping.hta ├── Payload-PS1 ├── ComplexPayload │ └── payload.ps1 ├── PortingPowerShellCode │ └── shell.ps1 ├── ProcessHollowing │ ├── hollower+AMSI.ps1 │ └── hollower.ps1 ├── ReflectionShellCode │ ├── macro.vb │ └── script.ps1 └── RelectiveInjectionReturns │ └── Invoke-ReflectivePEInjection.ps1 ├── README.md ├── ReflectionShellCode ├── macro.vb └── script.ps1 ├── RelectiveInjectionReturns └── Invoke-ReflectivePEInjection.ps1 └── krb5 └── keytabextract.py /AV-Evasion/AMSI/amsi.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/AV-Evasion/AMSI/amsi.ps1 -------------------------------------------------------------------------------- /AV-Evasion/AMSI/amsi.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/AV-Evasion/AMSI/amsi.txt -------------------------------------------------------------------------------- /AV-Evasion/CLM_Bypass/Bypass_CLM_InjectionManual_RCE.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/AV-Evasion/CLM_Bypass/Bypass_CLM_InjectionManual_RCE.cs -------------------------------------------------------------------------------- /AV-Evasion/CLM_Bypass/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/AV-Evasion/CLM_Bypass/README.md -------------------------------------------------------------------------------- /AV-Evasion/DisableSecuritySettings/dropAV_AND_More.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/AV-Evasion/DisableSecuritySettings/dropAV_AND_More.ps1 -------------------------------------------------------------------------------- /DropperJscript/script.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/DropperJscript/script.js -------------------------------------------------------------------------------- /EncryptingVBAPayloadForMACRO/payloadMacroComplex.vb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/EncryptingVBAPayloadForMACRO/payloadMacroComplex.vb -------------------------------------------------------------------------------- /GenerationPayload/DowloadString/payload64.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/GenerationPayload/DowloadString/payload64.txt -------------------------------------------------------------------------------- /GenerationPayload/DowloadString/payload86.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/GenerationPayload/DowloadString/payload86.txt -------------------------------------------------------------------------------- /GenerationPayload/EncryptPowershell/scriptPowershell.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/GenerationPayload/EncryptPowershell/scriptPowershell.py -------------------------------------------------------------------------------- /GenerationPayload/VBA/MACRO/shell.vb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/GenerationPayload/VBA/MACRO/shell.vb -------------------------------------------------------------------------------- /GenerationPayload/autoscript.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/GenerationPayload/autoscript.rc -------------------------------------------------------------------------------- /GenerationPayload/commandGenerationPowershellCommand64.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/GenerationPayload/commandGenerationPowershellCommand64.ps1 -------------------------------------------------------------------------------- /GenerationPayload/payload/PayloadFInalAfterXOR.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/GenerationPayload/payload/PayloadFInalAfterXOR.exe -------------------------------------------------------------------------------- /GenerationPayload/payload/base64PayloadEncode.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/GenerationPayload/payload/base64PayloadEncode.txt -------------------------------------------------------------------------------- /GenerationPayload/payload/c32.sharp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/GenerationPayload/payload/c32.sharp -------------------------------------------------------------------------------- /GetUsers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/GetUsers.py -------------------------------------------------------------------------------- /HTMLSMUGGLING/base64.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/HTMLSMUGGLING/base64.txt -------------------------------------------------------------------------------- /HTMLSMUGGLING/downloadManual.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/HTMLSMUGGLING/downloadManual.html -------------------------------------------------------------------------------- /In-memoryPowerShell/class1.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/In-memoryPowerShell/class1.cs -------------------------------------------------------------------------------- /LAPS/LAPSToolkit.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/LAPS/LAPSToolkit.ps1 -------------------------------------------------------------------------------- /LAPS/SharpLAPS.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/LAPS/SharpLAPS.exe -------------------------------------------------------------------------------- /Linux/SharedLibraryHijackingViaLD_LIBRARY_PATH/hax.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/Linux/SharedLibraryHijackingViaLD_LIBRARY_PATH/hax.c -------------------------------------------------------------------------------- /Linux/SharedLibraryHijackingViaLD_LIBRARY_PATH/hax.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/Linux/SharedLibraryHijackingViaLD_LIBRARY_PATH/hax.o -------------------------------------------------------------------------------- /Linux/SharedLibraryHijackingViaLD_LIBRARY_PATH/libhax.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/Linux/SharedLibraryHijackingViaLD_LIBRARY_PATH/libhax.so -------------------------------------------------------------------------------- /Others/PortingPowerShellCode/shell.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/Others/PortingPowerShellCode/shell.ps1 -------------------------------------------------------------------------------- /PAYLOADS/ELF/challenge3final.elf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/ELF/challenge3final.elf -------------------------------------------------------------------------------- /PAYLOADS/ELF/linuxshell.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/ELF/linuxshell.c -------------------------------------------------------------------------------- /PAYLOADS/ELF/tpsreports.elf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/ELF/tpsreports.elf -------------------------------------------------------------------------------- /PAYLOADS/EncryptingFinalPayloadXOR/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/EncryptingFinalPayloadXOR/README.md -------------------------------------------------------------------------------- /PAYLOADS/EncryptingFinalPayloadXOR/Step1.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/EncryptingFinalPayloadXOR/Step1.cs -------------------------------------------------------------------------------- /PAYLOADS/EncryptingFinalPayloadXOR/Step2.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/EncryptingFinalPayloadXOR/Step2.cs -------------------------------------------------------------------------------- /PAYLOADS/EncryptingVBAPayloadForMACRO/Encrypting_VBA_XOR.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/EncryptingVBAPayloadForMACRO/Encrypting_VBA_XOR.cs -------------------------------------------------------------------------------- /PAYLOADS/EncryptingVBAPayloadForMACRO/payloadMacro.vb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/EncryptingVBAPayloadForMACRO/payloadMacro.vb -------------------------------------------------------------------------------- /PAYLOADS/PowershellIntoMEMORY/payload64.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/PowershellIntoMEMORY/payload64.txt -------------------------------------------------------------------------------- /PAYLOADS/PowershellIntoMEMORY/payload64NoAMSI.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/PowershellIntoMEMORY/payload64NoAMSI.txt -------------------------------------------------------------------------------- /PAYLOADS/PowershellIntoMEMORY/payload86.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/PowershellIntoMEMORY/payload86.txt -------------------------------------------------------------------------------- /PAYLOADS/Simple-Use-It-With-AMSI-InCase-DropPS1/drop.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/Simple-Use-It-With-AMSI-InCase-DropPS1/drop.ps1 -------------------------------------------------------------------------------- /PAYLOADS/VBAShellcodeRunner/payload.vb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/VBAShellcodeRunner/payload.vb -------------------------------------------------------------------------------- /PAYLOADS/shellToBEXOR.aspx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PAYLOADS/shellToBEXOR.aspx -------------------------------------------------------------------------------- /PHISHING/emails.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PHISHING/emails.txt -------------------------------------------------------------------------------- /PHISHING/issue.hta: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PHISHING/issue.hta -------------------------------------------------------------------------------- /PHISHING/ping.hta: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/PHISHING/ping.hta -------------------------------------------------------------------------------- /Payload-PS1/ComplexPayload/payload.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/Payload-PS1/ComplexPayload/payload.ps1 -------------------------------------------------------------------------------- /Payload-PS1/PortingPowerShellCode/shell.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/Payload-PS1/PortingPowerShellCode/shell.ps1 -------------------------------------------------------------------------------- /Payload-PS1/ProcessHollowing/hollower+AMSI.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/Payload-PS1/ProcessHollowing/hollower+AMSI.ps1 -------------------------------------------------------------------------------- /Payload-PS1/ProcessHollowing/hollower.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/Payload-PS1/ProcessHollowing/hollower.ps1 -------------------------------------------------------------------------------- /Payload-PS1/ReflectionShellCode/macro.vb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/Payload-PS1/ReflectionShellCode/macro.vb -------------------------------------------------------------------------------- /Payload-PS1/ReflectionShellCode/script.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/Payload-PS1/ReflectionShellCode/script.ps1 -------------------------------------------------------------------------------- /Payload-PS1/RelectiveInjectionReturns/Invoke-ReflectivePEInjection.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/Payload-PS1/RelectiveInjectionReturns/Invoke-ReflectivePEInjection.ps1 -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/README.md -------------------------------------------------------------------------------- /ReflectionShellCode/macro.vb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/ReflectionShellCode/macro.vb -------------------------------------------------------------------------------- /ReflectionShellCode/script.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/ReflectionShellCode/script.ps1 -------------------------------------------------------------------------------- /RelectiveInjectionReturns/Invoke-ReflectivePEInjection.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/RelectiveInjectionReturns/Invoke-ReflectivePEInjection.ps1 -------------------------------------------------------------------------------- /krb5/keytabextract.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/emanuelepicas/OSEP/HEAD/krb5/keytabextract.py --------------------------------------------------------------------------------