Mariusz Banach's Projects
User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
SysInternals' Process Monitor filters repository - collected from various places and assembled by myself. To be used for quick behavioral analysis of test specimens. Inspired by and based on Lenny Zeltser's collection.
Multi-packer wrapper that lets us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Features artifact watermarking, IOC collection and PE backdooring. You feed it your implant, it applies a chain of sneaky transformations and spits out an obfuscated executable.
HTTP/HTTPS proxy with custom plugins loading capability.
Cobalt Strike C2 reverse proxy that fends off Blue Teams, AVs, EDRs and scanners through packet inspection and Malleable C2 profile correlation.
A feature-rich Visual Basic macro for use during penetration testing assignments, implementing various advanced post-exploitation techniques.
Solutions to the RPISEC MBE / Modern Binary Exploitation VM & course.
SOCKS4 reverse proxy for penetration testing.
ELF anti-forensics exec: injects full dynamic executables into a process image (with thread injection).
ScareCrow - Payload creation framework designed around EDR bypass.
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
The BloodHound C# Ingestor
Payload Generation Framework
.NET project for installing persistence.
Red Team oriented C# simple HTTP & WebDAV server with Net-NTLM hash capture functionality.
SharpWMI is a C# implementation of various WMI functionality.
An advanced in-memory evasion technique that fluctuates shellcode's memory protection between RW/NoAccess and RX, encrypting its contents while the protection is dropped and decrypting them before execution resumes.
This project is a 'bridge' between the Sleep and Python languages. It allows control of a Cobalt Strike teamserver through Python without the need for the standard GUI client. NOTE: This project is very much in BETA. The goal is to provide a playground for testing and it is in no way an officially supported feature. Perhaps this could be somethin
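The sleep/wake cycle behind that technique, as an added POSIX sketch that is not ShellcodeFluctuation's own code: a constructed stub stands in for real shellcode, the page holding it is RX while "running", and on sleep it is flipped to RW, XOR-encrypted and then set to NoAccess (PROT_NONE) so a memory scanner finds neither executable memory nor plaintext code; wake reverses the steps. It assumes Linux on x86-64 or aarch64 and uses mprotect in place of the Windows VirtualProtect calls (PAGE_READWRITE / PAGE_NOACCESS / PAGE_EXECUTE_READ) the real implementation drives from a hooked Sleep.

```c
// Added example, not code from the ShellcodeFluctuation project.
// Assumptions: Linux, x86-64 or aarch64, anonymous mmap may be made executable.
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Constructed stand-in for a payload: a stub that returns the integer 42. */
#if defined(__x86_64__)
static const uint8_t STUB[] = { 0xB8, 0x2A, 0x00, 0x00, 0x00, 0xC3 };          /* mov eax,42 ; ret */
#elif defined(__aarch64__)
static const uint8_t STUB[] = { 0x40, 0x05, 0x80, 0x52, 0xC0, 0x03, 0x5F, 0xD6 }; /* mov w0,#42 ; ret */
#else
#error "this demo only carries an x86-64 and an aarch64 stub"
#endif

typedef int (*stub_fn)(void);

struct fluct {
    uint8_t *page;   /* page-aligned region that holds the shellcode            */
    size_t   len;    /* one page                                                 */
    uint8_t  key;    /* toy single-byte XOR key; a real implant uses a real cipher */
    int      asleep; /* 1 while the region is encrypted and PROT_NONE            */
};

static void xor_bytes(uint8_t *p, size_t n, uint8_t key) {
    for (size_t i = 0; i < n; i++) p[i] ^= key;
}

/* Map a fresh page, copy the shellcode in, and leave it RX: the "running" state. */
static int fluct_init(struct fluct *f, const uint8_t *code, size_t n, uint8_t key) {
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    if (n > pagesz) return -1;
    f->page = mmap(NULL, pagesz, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (f->page == MAP_FAILED) return -1;
    memcpy(f->page, code, n);
    f->len = pagesz; f->key = key; f->asleep = 0;
    __builtin___clear_cache((char *)f->page, (char *)f->page + pagesz);
    return mprotect(f->page, pagesz, PROT_READ | PROT_EXEC);
}

/* Sleep: RX -> RW, encrypt in place, -> NoAccess. Any read of the page now faults. */
static int fluct_sleep(struct fluct *f) {
    if (f->asleep) return 0;
    if (mprotect(f->page, f->len, PROT_READ | PROT_WRITE) != 0) return -1;
    xor_bytes(f->page, f->len, f->key);
    f->asleep = 1;
    return mprotect(f->page, f->len, PROT_NONE);
}

/* Wake: NoAccess -> RW, decrypt in place, -> RX so the shellcode can run again. */
static int fluct_wake(struct fluct *f) {
    if (!f->asleep) return 0;
    if (mprotect(f->page, f->len, PROT_READ | PROT_WRITE) != 0) return -1;
    xor_bytes(f->page, f->len, f->key);
    f->asleep = 0;
    __builtin___clear_cache((char *)f->page, (char *)f->page + f->len);
    return mprotect(f->page, f->len, PROT_READ | PROT_EXEC);
}

/* Execute the stub; only valid while awake (RX). */
static int fluct_run(struct fluct *f) {
    return f->asleep ? -1 : ((stub_fn)(void *)f->page)();
}

/* Full cycle: init -> run -> sleep -> wake -> run. Returns the stub's value (42)
 * on success or a negative code identifying the step that failed. */
int fluct_roundtrip(void) {
    struct fluct f;
    if (fluct_init(&f, STUB, sizeof STUB, 0xA5) != 0) return -2;
    if (fluct_run(&f) != 42)                        return -3;
    if (fluct_sleep(&f) != 0)                       return -4;
    if (fluct_run(&f) != -1)                        return -5; /* must refuse while NoAccess */
    if (fluct_wake(&f) != 0)                        return -6;
    int r = fluct_run(&f);
    munmap(f.page, f.len);
    return r;
}

int main(void) {
    printf("roundtrip result: %d\n", fluct_roundtrip());
    return 0;
}
```

The XOR and the single page are placeholders for the idea; what matters is the ordering of the three protection states, and that while asleep the region is both unreadable and ciphertext, so neither a PAGE_EXECUTE scan nor a signature scan of readable memory lands on the payload. Note that the RW window during each transition is itself observable, which is why the real technique keeps it as short as possible.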
Secure Socket Funneling - network tool and toolkit - TCP and UDP port forwarding, SOCKS proxy, remote shell, standalone and cross-platform.
Cobalt Strike kit for Persistence
College project implementing some compression and image steganography algorithms.
OpSec-safe PowerShell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup.
(Polish only) A program prepared for university as part of the "Computer Simulations" course. It presents the hypothetical operation of a nuclear reactor in various states and configurations.
Thread Stack Spoofing - PoC for an advanced in-memory evasion technique that better hides injected shellcode's memory allocation from scanners and analysts.
Apache Tomcat auto WAR deployment & pwning penetration testing tool.
Remove API hooks from a Beacon process.
UnhookMe is a universal Windows API resolver and unhooker that addresses the problem of invoking unmonitored system calls from within your Red Team's malware.
Universal Visual Basic code obfuscator intended to be used during penetration testing assignments.
Set Up WebDAV Server for Remote File Sharing and more