Use powershell to test Office-based persistence methods
☆76Apr 17, 2021Updated 4 years ago
Alternatives and similar repositories for Office-Persistence
Users that are interested in Office-Persistence are comparing it to the libraries listed below
Sorting:
- Use to generate DLL through Visual Studio☆20Jul 24, 2017Updated 8 years ago
- use COM Object hijacking to maintain persistence.(Hijack CAccPropServicesClass and MMDeviceEnumerator)☆60Aug 4, 2017Updated 8 years ago
- ☆16Apr 17, 2021Updated 4 years ago
- Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools.☆66Oct 3, 2020Updated 5 years ago
- EDR Evasion - Combination of SwampThing - TikiTorch☆29May 28, 2020Updated 5 years ago
- Windows 7/2008 R2 EoP☆13Feb 12, 2021Updated 5 years ago
- ☆21Dec 1, 2019Updated 6 years ago
- C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread☆119Apr 9, 2019Updated 6 years ago
- .NET 4.0 WinRM API Command Execution☆166Sep 11, 2020Updated 5 years ago
- ObscurityLabs RedTeam C# Toolkit☆123Sep 3, 2019Updated 6 years ago
- Cobalt Strike teamserver detection.☆16Apr 26, 2021Updated 4 years ago
- ☆14Sep 22, 2019Updated 6 years ago
- Various Aggressor Scripts I've Created.☆150Jan 1, 2022Updated 4 years ago
- Use current thread token to execute command☆15Jan 27, 2021Updated 5 years ago
- C# .NET Assembly for interacting with File Object DACLs☆45Apr 3, 2020Updated 5 years ago
- Cobalt Strike Field Manual - A quick reference for Windows commands that can be accessed in a beacon console.☆65Dec 27, 2017Updated 8 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆117Sep 30, 2024Updated last year
- juicypotato for win10 > 1803 & win server 2019☆97Feb 23, 2021Updated 5 years ago
- PoC: process watcher patterns to make killing a process hard.☆11Aug 1, 2018Updated 7 years ago
- AMSI Bypass Via the Heap☆107Nov 20, 2020Updated 5 years ago
- Standalone version of my AES Powershell payload for Cobalt Strike.☆111Dec 27, 2019Updated 6 years ago
- C# Targeted Attack Reconnissance Tools☆120Jan 11, 2021Updated 5 years ago
- NetBIOS scanning tool written in c#☆71Aug 6, 2021Updated 4 years ago
- A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.☆46Mar 1, 2021Updated 5 years ago
- Collection of scripts for interacting with AD Kerberos from Linux☆72Apr 22, 2018Updated 7 years ago
- Evading WinDefender ATP credential-theft☆255Dec 2, 2019Updated 6 years ago
- A repo to hold any bypasses I work on/study/whatever☆19Dec 30, 2020Updated 5 years ago
- OwOwning with the Windows API Examples and Code. DEFCON Furs 2020 presentation.☆13Jan 18, 2024Updated 2 years ago
- Cobalt Strike aggressor scripts☆90Aug 3, 2018Updated 7 years ago
- External C2 Using IE COM Objects☆101Feb 24, 2019Updated 7 years ago
- Vampire is an aggressor script which integrates with BloodHound to mark nodes as owned.☆79Apr 6, 2021Updated 4 years ago
- AmsiScanBufferBypass using D/Invoke☆136Jun 17, 2021Updated 4 years ago
- ☆163Apr 25, 2022Updated 3 years ago
- DNSDelivery provides delivery and in memory execution of shellcode or .Net assembly using DNS requests delivery channel.☆145Oct 6, 2019Updated 6 years ago
- ☆351Feb 21, 2022Updated 4 years ago
- ☆208May 1, 2020Updated 5 years ago
- Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.☆32Feb 28, 2019Updated 7 years ago
- ☆27Jun 17, 2021Updated 4 years ago
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago