0xthirteen / reg_snake
Python tool to interact with WMI StdRegProv
☆57Updated 5 months ago
Alternatives and similar repositories for reg_snake:
Users that are interested in reg_snake are comparing it to the libraries listed below
- ☆54Updated 2 months ago
- Modified versions of the Cobalt Strike Process Injection Kit☆94Updated last year
- Lsass dumper evading (some) EDR detection☆23Updated 2 months ago
- ☆54Updated 6 months ago
- SAM Dumping in C#☆48Updated 3 months ago
- ☆97Updated 7 months ago
- Enumerate information from NTLM authentication enabled web endpoints 🔎☆35Updated last year
- time-based user enum via Basic Auth in Azure against Autodiscover☆32Updated 6 months ago
- ☆50Updated 5 months ago
- Tool to aid in dumping LSASS process remotely☆38Updated 9 months ago
- ☆110Updated 5 months ago
- ☆106Updated 2 months ago
- TokenCert☆95Updated 5 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆112Updated 3 weeks ago
- Execute commands in other Sessions☆86Updated 8 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆74Updated last month
- Lateral Movement via the .NET Profiler☆81Updated 5 months ago
- Enumerate Domain Users Without Authentication☆32Updated this week
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆75Updated last year
- Run Cobalt Strike BOFs in Brute Ratel C4!☆65Updated last week
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆151Updated last year
- ☆128Updated 2 months ago
- ☆52Updated 4 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆120Updated 6 months ago
- Tool to bypass LSA Protection (aka Protected Process Light)☆49Updated 3 months ago
- BOF to decrypt Signal Desktop chat logs☆65Updated 2 months ago
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆76Updated 2 weeks ago
- Example code samples from our ScriptBlock Smuggling Blog post☆89Updated 10 months ago
- Reasonably undetected shellcode stager and executer.☆37Updated 7 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆70Updated 11 months ago