A new AiTM attack framework — based on leveraging service workers — designed to conduct credential phishing campaigns. Thanks to its minimalist, robust, and highly adaptable architecture, this solution can be easily deployed on PaaS.
☆143Aug 5, 2025Updated 7 months ago
Alternatives and similar repositories for EvilWorker
Users that are interested in EvilWorker are comparing it to the libraries listed below
Sorting:
- Port of the EDRSilencer tool (https://github.com/netero1010/EDRSilencer) to BOF format☆33Oct 22, 2024Updated last year
- Encrypt any C# binary or bin file☆12Aug 1, 2024Updated last year
- AIDA64DRIVER Elevation of Privilege Vulnerability☆16Oct 25, 2024Updated last year
- ☆30May 23, 2024Updated last year
- SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.☆309Feb 16, 2026Updated 2 weeks ago
- Zero dependency browser extension for handling import of cookies, Microsoft 365 OAuth tokens, and Graph API interactions.☆23Feb 26, 2026Updated last week
- PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This projec…☆43Nov 9, 2025Updated 3 months ago
- A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Inte…☆1,314Nov 12, 2025Updated 3 months ago
- Recon scripts for Red Team and Web blackbox auditing☆25Updated this week
- Python code to Serialize and Unserialize java binary serialization format.☆30Feb 27, 2026Updated last week
- This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim …☆188Sep 19, 2025Updated 5 months ago
- A different approach to writing BOFs in rust.☆19Aug 20, 2025Updated 6 months ago
- Collection of BOFs created for red team/adversary engagements. Created to be small and interchangeable, for quick recon or eventing.☆237Feb 20, 2026Updated 2 weeks ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆539May 9, 2025Updated 9 months ago
- Identify Azure AD resources that issue tokens without MFA enforcement using the ROPC grant flow.☆83Feb 2, 2026Updated last month
- A Mythic agent for Windows written in C☆158Feb 22, 2026Updated last week
- Proxy function calls through the thread pool with ease☆31Feb 27, 2025Updated last year
- a small script to collect information from a management point☆37Jan 19, 2026Updated last month
- Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.☆61Aug 21, 2024Updated last year
- Shellcode loader that executes embedded Lua from Rust.☆128Dec 16, 2024Updated last year
- A tool designed for smuggling interactive command and control traffic through legitimate TURN servers hosted by reputable providers such …☆391Aug 18, 2025Updated 6 months ago
- RopstenCtf is an easy tool to interact with the ethereum ropsten network for ctf purpose and more.☆17Jul 18, 2022Updated 3 years ago
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 4 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- Find jmp gadgets for call stack spoofing.☆75Oct 1, 2025Updated 5 months ago
- Multiplayer pivoting solution☆489Nov 3, 2025Updated 4 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆197Nov 4, 2025Updated 4 months ago
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications.…☆116Oct 20, 2024Updated last year
- A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented b…☆441May 29, 2024Updated last year
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆744Aug 18, 2023Updated 2 years ago
- IPSpinner works as a local proxy that redirects requests through external services.☆112Mar 19, 2025Updated 11 months ago
- Locate intersting files in grayhatwarfare.com open S3 buckets and Azure blobs automatically!☆29Apr 6, 2022Updated 3 years ago
- A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.☆43Jan 9, 2025Updated last year
- Structured CSVs and table schemas extracted from the 29-April-2025 LockBit affiliate-panel database leak.☆28May 8, 2025Updated 9 months ago
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 7 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Mar 17, 2025Updated 11 months ago
- Python3 rewrite of AsOutsider features of AADInternals☆60Jul 23, 2025Updated 7 months ago
- a tool to help operate in EDRs' blind spots☆767Dec 2, 2024Updated last year