Arvanaghi / CheckPlease
Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.
☆916Updated 3 years ago
Alternatives and similar repositories for CheckPlease:
Users that are interested in CheckPlease are comparing it to the libraries listed below
- SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader☆1,251Updated 5 years ago
- HTA encryption tool for RedTeams☆1,384Updated 2 years ago
- Token Privilege Research☆811Updated 7 years ago
- Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS☆1,495Updated 6 years ago
- The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool…☆1,125Updated 4 years ago
- Run PowerShell command without invoking powershell.exe☆1,494Updated 2 years ago
- Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)☆746Updated 6 years ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,581Updated 2 years ago
- LSASS memory dumper using direct system calls and API unhooking.☆1,521Updated 4 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,475Updated last year
- Malicious Macro Generator☆825Updated 5 years ago
- PowerShell Remote Download Cradle Generator & Obfuscator☆832Updated 7 years ago
- Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources☆1,495Updated last year
- Red Team Tips as posted by @vysecurity on Twitter☆1,054Updated 4 years ago
- Hide your Powershell script in plain sight. Bypass all Powershell security features☆1,158Updated 5 years ago
- Process Injection☆758Updated 3 years ago
- SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, Supe…☆1,253Updated 2 years ago
- Windows Event Log Killer☆1,776Updated last year
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆802Updated 5 years ago
- CACTUSTORCH: Payload Generation for Adversary Simulations☆1,003Updated 6 years ago
- ☆482Updated 7 years ago
- Run PowerShell with rundll32. Bypass software restrictions.☆1,791Updated 4 years ago
- A tool to create a JScript file which loads a .NET v2 assembly from memory.☆1,271Updated 4 years ago
- Also known by Microsoft as Knifecoat☆1,128Updated 2 years ago
- Aggressor scripts for use with Cobalt Strike 3.0+☆826Updated 2 years ago
- PowerShell Pass The Hash Utils☆1,557Updated 6 years ago
- SharpSploit is a .NET post-exploitation library written in C#☆1,779Updated 3 years ago
- New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.☆929Updated 7 years ago
- TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.☆1,265Updated 3 years ago
- Collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique.☆637Updated last year