Adaptix-Framework / AdaptixC2
☆410Updated this week
Alternatives and similar repositories for AdaptixC2:
Users that are interested in AdaptixC2 are comparing it to the libraries listed below
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆508Updated this week
- DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS…☆378Updated 7 months ago
- Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance…☆514Updated last month
- Extract and execute a PE embedded within a PNG file using an LNK file.☆395Updated 5 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆511Updated 9 months ago
- ☆352Updated 3 months ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆394Updated 8 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆567Updated 9 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆438Updated last month
- Evasive shellcode loader☆351Updated 5 months ago
- Collection of UAC Bypass Techniques Weaponized as BOFs☆490Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆305Updated 11 months ago
- shellcode loader for your evasion needs☆317Updated 4 months ago
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆413Updated last year
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆256Updated 2 months ago
- Cobalt Strike HTTPS beaconing over Microsoft Graph API☆579Updated 9 months ago
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver☆266Updated last week
- CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File☆202Updated last week
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆252Updated 7 months ago
- Fileless atexec, no more need for port 445☆363Updated last year
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆396Updated 8 months ago
- ☆162Updated last year
- ☆228Updated 4 months ago
- COM ViewLogger — new malware keylogging technique☆348Updated 2 months ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆571Updated 8 months ago
- POC exploit for CVE-2024-49138☆246Updated last month
- Local privilege escalation via PetitPotam (Abusing impersonate privileges).☆426Updated 2 years ago
- SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s…☆311Updated 10 months ago
- Escalate Service Account To LocalSystem via Kerberos☆393Updated last year
- not a reverse-engineered version of the Cobalt Strike Beacon☆355Updated last year