Cobalt Strike BOF that Add a user to localgroup by samr
☆136Nov 30, 2022Updated 3 years ago
Alternatives and similar repositories for adduserbysamr-bof
Users that are interested in adduserbysamr-bof are comparing it to the libraries listed below
Sorting:
- BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…☆78Jul 23, 2023Updated 2 years ago
- 提取域控日志,支持远程提取☆171Mar 17, 2025Updated 11 months ago
- Take a screenshot without injection for Cobalt Strike☆203Jun 7, 2023Updated 2 years ago
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Aug 25, 2023Updated 2 years ago
- AddDefenderExclusions Beacon Object File☆41Jun 25, 2023Updated 2 years ago
- Beacon Object File implementation of pwn1sher's KillDefender☆67Jun 28, 2022Updated 3 years ago
- ☆143May 17, 2023Updated 2 years ago
- RPC远程主机信息匿名扫描工具☆317Sep 30, 2022Updated 3 years ago
- 添加计划任务方法集合☆309Aug 6, 2023Updated 2 years ago
- vhost password decrypt☆262Oct 9, 2024Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆97Mar 20, 2023Updated 2 years ago
- 一款OutLook信息收集工具☆244May 23, 2023Updated 2 years ago
- 使用多种WinAPI进行权限维持的CobaltStrike脚本,包含API设置系统服务,设置计划任务,管理用户等。☆556Jan 18, 2022Updated 4 years ago
- 域内普通域用户权限查找域内所有计算机上登录的用户☆151Apr 20, 2023Updated 2 years ago
- Delete file regardless of whether the handle is used via SetFileInformationByHandle☆55Jul 1, 2023Updated 2 years ago
- Zerologon exploit with restore DC password automatically☆145Mar 15, 2024Updated last year
- 通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化☆344Apr 10, 2022Updated 3 years ago
- dump lsass进程工具☆561Jul 20, 2023Updated 2 years ago
- Cobalt Strike BOF that Add an admin user☆79Oct 11, 2022Updated 3 years ago
- A little tool to play with Windows security☆12Jan 21, 2026Updated last month
- ☆161Mar 27, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Mar 4, 2023Updated 3 years ago
- ☆26Apr 24, 2025Updated 10 months ago
- Some Service DCOM Object and SeImpersonatePrivilege abuse.☆372Dec 9, 2022Updated 3 years ago
- Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do☆400Feb 6, 2023Updated 3 years ago
- Pillager是一个适用于后渗透期间的信息收集工具☆1,268Sep 7, 2024Updated last year
- 钓鱼上线后渗透工具☆132Feb 19, 2023Updated 3 years ago
- rmi打内存马工具,适用于目标用不了ldap的情况☆253Jul 12, 2023Updated 2 years ago
- 获取服务器或域控登录日志☆276Sep 8, 2023Updated 2 years ago
- Cobalt Strike 二开项目☆185Feb 11, 2023Updated 3 years ago
- Windows Token Stealing Expert☆486Nov 24, 2023Updated 2 years ago
- PrintNotifyPotato☆539Dec 2, 2022Updated 3 years ago
- Bypassing UAC with SSPI Datagram Contexts☆462Sep 24, 2023Updated 2 years ago
- 用java实现构造openwire协议,利用activeMQ < 5.18.3 RCE 回显利用 内存马注入☆288Nov 20, 2023Updated 2 years ago
- Mssql利用工具☆276Aug 7, 2023Updated 2 years ago
- An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memor…☆490Dec 7, 2025Updated 2 months ago
- 通过WindowsAPI获取用户凭证,并保存到文件中☆195Jun 18, 2024Updated last year
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆1,467Apr 25, 2024Updated last year
- more conveniently Visual-Studio-BOF-template☆75Sep 12, 2023Updated 2 years ago