0xHossam / APT-Attack-Simulation
APT-Attack-Simulation simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persistence and privilege escalation.
☆43Updated 6 months ago
Related projects ⓘ
Alternatives and complementary repositories for APT-Attack-Simulation
- Construct the payload at runtime using an array of offsets☆58Updated 4 months ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆39Updated 5 months ago
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆77Updated 10 months ago
- NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…☆57Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆77Updated 3 weeks ago
- Windows Thread Pool Injection Havoc Implementation☆28Updated 7 months ago
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)☆40Updated last year
- Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)☆57Updated 4 months ago
- Malicious powershell scripts loader designed to avoid detection.☆36Updated last year
- Duplicate not owned Token from Running Process☆72Updated last year
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆45Updated 6 months ago
- Create Anti-Copy DRM Malware☆42Updated 2 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆107Updated last month
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆52Updated 9 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆47Updated 8 months ago
- C# havoc implant☆96Updated last year
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Updated 10 months ago
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated last year
- .bin file to shellcode convertor☆28Updated 4 months ago
- Just another C2 Redirector using CloudFlare.☆78Updated 5 months ago
- Hunt for C2 servers and phishing web sites using VirusTotal API , you can modify code to kill the malicious process☆64Updated 5 months ago
- Do some DLL SideLoading magic☆74Updated last year
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆43Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader☆84Updated 7 months ago
- a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab☆53Updated 6 months ago
- Lateral Movement via the .NET Profiler☆73Updated 5 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆155Updated 3 weeks ago
- Red Team Operation's Defense Evasion Technique.☆51Updated 5 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆51Updated 4 months ago