Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.
☆45Aug 16, 2024Updated last year
Alternatives and similar repositories for OffSecOps-Arsenal
Users that are interested in OffSecOps-Arsenal are comparing it to the libraries listed below
Sorting:
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆31Feb 7, 2025Updated last year
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆15Apr 4, 2023Updated 2 years ago
- ☆33Jan 23, 2025Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- A PowerShell console in C/C++ with all the security features disabled☆373Oct 14, 2025Updated 5 months ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated last year
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 2 years ago
- AADInternals-Endpoints PowerShell module☆35Jul 2, 2025Updated 8 months ago
- Cobalt Strike 的 CVE-2024-35250 的 BOF。(请给我加个星,谢谢。)☆13Oct 21, 2024Updated last year
- ☆11Jun 26, 2024Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆283Apr 6, 2025Updated 11 months ago
- A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims …☆101Sep 5, 2024Updated last year
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆398Jul 23, 2025Updated 7 months ago
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.☆16Jun 16, 2022Updated 3 years ago
- ☆244May 5, 2024Updated last year
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 2 months ago
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).☆155Jan 21, 2023Updated 3 years ago
- ☆147Nov 6, 2025Updated 4 months ago
- Robust Cobalt Strike shellcode loader with multiple advanced evasion features☆200Apr 21, 2025Updated 11 months ago
- Havoc C2 profile generator☆106Mar 4, 2026Updated 2 weeks ago
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.☆17Jan 6, 2024Updated 2 years ago
- 免杀木马样本☆105Oct 11, 2025Updated 5 months ago
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Aug 25, 2023Updated 2 years ago
- A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.☆135Nov 12, 2025Updated 4 months ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆158Mar 26, 2025Updated 11 months ago
- Detect Remote Local Credentials Dumping using a Shadow Snapshot☆32Jan 27, 2025Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆324Jun 18, 2023Updated 2 years ago
- an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code☆22Feb 20, 2025Updated last year
- Python implementation of GhostPack's Seatbelt situational awareness tool☆271Nov 12, 2024Updated last year
- Extension functionality for the NightHawk operator client☆26Nov 3, 2023Updated 2 years ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- Cs-Sleep-Mask-Fiber☆18May 16, 2025Updated 10 months ago
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆19Mar 6, 2025Updated last year
- ☆26Sep 29, 2018Updated 7 years ago
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆424Sep 29, 2025Updated 5 months ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Rust template/library for implementing your own COFF loader☆72Jan 27, 2025Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆412Jan 11, 2026Updated 2 months ago