MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.

PowerShell Asynchronous TCP Reverse Shell

Invoke-KleptoKitty - Deploys Payloads and collects credentials

A sophisticated PowerShell script that stealthily injects Base64-encoded shellcode into the target process, featuring anti-debugging techniques to evade detection.

Script made for bypassing antivirus using Powershell Injection method. Place your shellcode from msfvenom on line 15, the script can be combined with the UAC bypass technique in order to gain a privileged reverse shell.

This script dynamically decodes and executes a Base64 encoded Mimikatz script, allowing users to bypass security measures and run specified Mimikatz commands.

This PowerShell script applies a memory patch to bypass the Antimalware Scan Interface (AMSI), allowing unrestricted execution of PowerShell commands.

Red Teaming Tactics and Techniques

PS1 script to clear Windows Event Log without wevtutil or Clear-EventLog

This tool was created for the article: "An Exploration of AV Evasion Techniques". The script was made for educational reasons to demonstrate basic evasion techniques.

Rubber Ducky evasion PoC

Process injection via IronRuby DLR in an attempt to avoid AV