0xsp-SRD / OffensivePascalLinks
Pascal Offsec repo for malware dev and red teaming π©
β189Updated 2 years ago
Alternatives and similar repositories for OffensivePascal
Users that are interested in OffensivePascal are comparing it to the libraries listed below
Sorting:
- A BOF to automate common persistence tasks for red teamersβ290Updated 2 years ago
- WIP shellcode loader in nim with EDR evasion techniquesβ221Updated 3 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.β302Updated 3 years ago
- β247Updated 3 years ago
- Pass the Hash to a named pipe for token Impersonationβ312Updated 2 years ago
- A BOF to determine Windows Defender exclusions.β254Updated 2 years ago
- A basic emulation of an "RPC Backdoor"β243Updated 3 years ago
- Beacon Object File PoC implementation of KillDefenderβ238Updated 3 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2β189Updated 3 years ago
- An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are aβ¦β139Updated 3 years ago
- Nim Payload Generationβ65Updated 2 years ago
- Get fresh Syscalls from a fresh ntdll.dll copyβ236Updated 3 years ago
- Process Ghosting Toolβ175Updated 4 years ago
- Pure C++, weaponized, fully automated implementation of RottenPotatoNGβ313Updated 4 years ago
- Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.β310Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLLβ¦β182Updated 2 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locationsβ160Updated last year
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process injectβ¦β244Updated 3 years ago
- A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.β132Updated 2 years ago
- POC tools for exploring SMB over QUIC protocolβ130Updated 3 years ago
- PowerShell script to generate "proxy" counterparts to easily perform DLL Sideloadingβ130Updated 6 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump inβ¦β269Updated 4 years ago
- Useful Cobalt Strike BOFs found or used during engagementsβ145Updated 2 years ago
- Remove API hooks from a Beacon process.β284Updated 4 years ago
- A fake AMSI Provider which can be used for persistence.β154Updated 4 years ago
- C# version of MDSec's ParallelSyscallsβ141Updated 4 years ago
- DLL Hijack Search Order Enumeration BOFβ152Updated 4 years ago
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebusβ246Updated 3 years ago
- β169Updated last year
- β215Updated 2 months ago