Github rasta mouse Simple BOF to read the protection level of a process - rasta-mouse/PPEnum Bypass AMSI by patching AmsiScanBuffer. Jan 29, 2024 · Blog / December 16, 2022 / Rasta Mouse This post was inspired by a question posted by kevin in my Discord server, about how token impersonation can be applied to threads in C#. Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities - Forks · rasta-mouse/Watson D/Invoke port of UrbanBishop. - Sherlock/README. - AnshumanSrivastavaGIT-2025/rasta-mouse-ThreatCheck A small POC to make defender useless by removing its token privileges and lowering the token integrity - GitHub - pwn1sher/KillDefender: A small POC to make defender useless by removing its token Mar 7, 2021 · We’ll download the zip from the GitHub page and double click Watson. PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities. - Pull requests · rasta-mouse/ThreatCheck Feb 27, 2021 · The supersedence stores a list of known KBs for a particular CVE. Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities - rasta-mouse/Watson C# Lsass parser. Contribute to rasta-mouse/Crystal-Kit development by creating an account on GitHub. Contribute to rasta-mouse/SpawnWith development by creating an account on GitHub. Contribute to rasta-mouse/pwnlift development by creating an account on GitHub. Contribute to rasta-mouse/KerbApp development by creating an account on GitHub. Contribute to rasta-mouse/TikiTorch development by creating an account on GitHub.
Jan 21, 2015 · rasta-mouse / Mjolnir Public Fork 19 Star 14 Command and Control Framework written in C#. Jan 25, 2021 · Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities - Issues · rasta-mouse/Watson Mar 7, 2021 · Watson is a C# implementation of a tool to quickly identify missing software patches for local privesc vulnerabilities. Example of async client/server sockets in . A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike - Pull requests · rasta-mouse/Crystal-Loaders Contribute to rasta-mouse/SignalRDemo development by creating an account on GitHub. Contribute to TheJoyOfHacking/rasta-mouse-Sherlock development by creating an account on GitHub. May 31, 2025 · code-server dockerfile. - rasta-mouse/ThreatCheck Nov 14, 2017 · PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities. - Pull requests · rasta-mouse/ThreatCheck Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities - rasta-mouse/Watson Bypass AMSI by patching AmsiScanBuffer. Since we are enumerating for missing KBs, if none of installedKBs is presented in supersedence, the OS is considered as vulnerable. Contribute to rasta-mouse/p0wnedLoader development by creating an account on GitHub. NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts. Playing with packets in C#. A Crystal Palace shared library to resolve & perform syscalls - rasta-mouse/LibGate A SleepMask using BeaconGate.
Contribute to rasta-mouse/CollectorService development by creating an account on GitHub. - rasta-mouse/ThreatCheck Beef hook OWA / Outlook. Contribute to rasta-mouse/offensive-defence development by creating an account on GitHub. Contribute to rasta-mouse/MiniDumpParser development by creating an account on GitHub. - rasta-mouse/Sherlock Command and Control Framework written in C#. I think the correct one is: Simple BOF to read the protection level of a process - PPEnum/ppenum. Enumerate missing KBs and suggest exploits for useful privilege escalation vulnerabilities. Contribute to rasta-mouse/EncryptedKeyExchange development by creating an account on GitHub. Anyway, thanks again. Oct 1, 2025 · Find jmp gadgets for call stack spoofing. The process begins with the full file and progressively narrows down the search space: The tool's efficiency stems from its logarithmic search approach, which can identify problematic bytes in large files without requiring exhaustive linear scanning. This is a compiled version of RastaMouse's Threatcheck - GitHub - Laransec/ThreatCheck-Compiled: This is a compiled version of RastaMouse's Threatcheck Contribute to rasta-mouse/Mjolnir development by creating an account on GitHub. Takes a binary as input (either from a file on disk or a URL), splits it until it pinpoints the exact bytes that the target engine will flag on and prints them to the screen. Contribute to rasta-mouse/AmsiScanBufferBypass development by creating an account on GitHub. Port of Cobalt Strike's Process Inject Kit. Disconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines - rasta-mouse/DGPOEdit Evasion for Cobalt Strike.
md at master · rasta-mouse/Sherlock Disconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines - rasta-mouse/DGPOEdit Evasion for Cobalt Strike. sln in our Windows machine to open it in Visual Studio. (https://github. - med0x2e/GadgetToJScript Contribute to rasta-mouse/KerbApp development by creating an account on GitHub. Beef hook OWA / Outlook. rasta-mouse has 93 repositories available. A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike - rasta-mouse/Crystal-Loaders Crystal Palace library for proxying Nt API calls via the Threadpool - rasta-mouse/LibTP Contribute to rasta-mouse/SCMUACBypass development by creating an account on GitHub. - rasta-mouse/ThreatCheck Miscellaneous Tools. rasta-mouse / CVE-2021-44228-Apache-Log4j-Rce Public forked from y35uishere/apache-log4j-poc Fork 6 Star 4 PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities. c at main · rasta-mouse/PPEnum Mar 18, 2023 · But I have no idea what's special about SeatBelt which produces such an assembly. @rasta-mouse's goal is to earn $1,000 per month Reaching this goal would be baller! Oct 20, 2024 · Identifies the bytes that Microsoft Defender / AMSI Consumer flags on. - Issues · rasta-mouse/Sherlock Contribute to rasta-mouse/Rosplant development by creating an account on GitHub. Modified version of Matterpreter's DefenderCheck. 13 sponsors have funded rasta-mouse’s work. Contribute to rasta-mouse/Fork-n-Run development by creating an account on GitHub.
Oct 29, 2025 · A Crystal Palace shared library to resolve & perform syscalls - rasta-mouse/LibGate Contribute to rasta-mouse/process-inject-kit development by creating an account on GitHub. Contribute to rasta-mouse/AsyncSockets development by creating an account on GitHub. - rasta-mouse/DInvoke Miscellaneous Tools. com/rasta-mouse/Watson) Sep 3, 2017 · rasta-mouse / Sherlock Public archive Fork 418 Star 2k av-bypass - Rasta Mouse Blog Contribute to rasta-mouse/McAfeeForOutlook development by creating an account on GitHub. NET 5. Process Injection. - rasta-mouse/DInvoke Bypass AMSI by patching AmsiScanBuffer. Miscellaneous Tools. Aug 3, 2024 · Explore the GitHub Discussions forum for rasta-mouse OST-C2-Spec. Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities - rasta-mouse/Watson. Contribute to rasta-mouse/GadgetHunter development by creating an account on GitHub. Contribute to rasta-mouse/SharpC2 development by creating an account on GitHub. Contribute to rasta-mouse/Rosplant development by creating an account on GitHub. Contribute to rasta-mouse/MiscTools development by creating an account on GitHub. - rasta-mouse/Sherlock Evasion kit for Cobalt Strike. Easy peasy file uploads. A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike - rasta-mouse/Crystal-Loaders Contribute to rasta-mouse/KerbTestApp development by creating an account on GitHub.
Cheers, Tim rasta-mouse added the bug label on Mar 19, 2023 rasta-mouse added a commit that referenced this issue on Apr 1, 2023 A Crystal Palace shared library to resolve & perform syscalls - rasta-mouse/LibGate Contribute to rasta-mouse/Mjolnir development by creating an account on GitHub. - rasta-mouse/ThreatCheck Abusing Exchange via EWS. Bypass AMSI by patching AmsiScanBuffer. This can be helpful when trying to identify the specific bad pieces of code in your tool/payload. Jun 25, 2025 · ThreatCheck implements a binary search algorithm to efficiently locate malicious byte sequences. A tool for generating . The installedKBs stores a list of KBs extracted from the target machine. coder. com/rasta-mouse/Watson) Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities - rasta-mouse/Watson PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities. Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke. Contribute to rasta-mouse/RuralBishop development by creating an account on GitHub. CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process injection, persistence and more, leveraging direct syscalls (SysWh A Crystal Palace shared library to resolve & perform syscalls - rasta-mouse/LibGate Contribute to rasta-mouse/p0wnedLoader development by creating an account on GitHub. Contribute to rasta-mouse/SCMUACBypass development by creating an account on GitHub. - rasta-mouse/Sherlock Contribute to TheJoyOfHacking/rasta-mouse-Watson development by creating an account on GitHub. Open Source C&C Specification. Contribute to rasta-mouse/OST-C2-Spec development by creating an account on GitHub.
Contribute to rasta-mouse/PacketAlchemy development by creating an account on GitHub. Contribute to rasta-mouse/rastamask-vs development by creating an account on GitHub. Identifies the bytes that Microsoft Defender / AMSI Consumer flags on. Contribute to rasta-mouse/EWSToolkit development by creating an account on GitHub. NET serialized gadgets that can trigger . - Activity · rasta-mouse/ThreatCheck Command and Control Framework written in C#.