Add mdsecactivebreach/RegistryStrikesBack

2025-03-05 21:25:58 -05:00 · 2020-11-18 22:41:23 +07:00 · 2020-11-18 22:41:23 +07:00 · f00d3a3c04
commit f00d3a3c04
parent ee08a441e1
1 changed files with 9 additions and 1 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -716,13 +716,21 @@ Some tools can be categorized in more than one category. But because the current
        <td>A wanna be swiss army knife for data encryption, exfiltration and covert communication.</td>
    </tr>
    <tr>
-        <td><a href="https://github.com/hackerschoice/gsocket">hackerschoice/gsockethackerschoice/gsocket</a></td>
+        <td><a href="https://github.com/hackerschoice/gsocket">hackerschoice/gsocket</a></td>
        <td>Global Socket. Moving data from here to there. Securely, Fast and trough NAT/Firewalls</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/hackerschoice/gs-transfer">hackerschoice/gs-transfer</a></td>
+        <td>Secure File Transfer via Global Socket Bounce Network</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/m57/dnsteal">m57/dnsteal</a></td>
        <td>DNS Exfiltration tool for stealthily sending files over DNS requests.</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/mdsecactivebreach/RegistryStrikesBack">mdsecactivebreach/RegistryStrikesBack</a></td>
+        <td>RegistryStrikesBack allows a red team operator to export valid .reg files for portions of the Windows Registry via a .NET assembly that should run as a standard user. It can be useful in exfiltrating config files such as to support actions like are described in the "Segmentation Vault" article on the MDSec Blog.</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/pentestpartners/PTP-RAT">pentestpartners/PTP-RAT</a></td>
        <td>Exfiltrate data over screen interfaces. <a href="https://www.pentestpartners.com/security-blog/exfiltration-by-encoding-data-in-pixel-colour-values/">For more information.</a></td>