C-Sto / gosecretsdump

Related projects: ⓘ

• N7WEra / SharpAllTheThings
  The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.
  ☆461Updated 2 years ago
• outflanknl / Spray-AD
  A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.
  ☆422Updated 2 years ago
• NotMedic / NetNTLMtoSilverTicket
  SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket
  ☆733Updated 3 years ago
• tothi / rbcd-attack
  Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket
  ☆488Updated 2 years ago
• rvrsh3ll / BOF_Collection
  Various Cobalt Strike BOFs
  ☆557Updated last year
• mdsecactivebreach / Farmer
  ☆341Updated 3 years ago
• BC-SECURITY / Malleable-C2-Profiles
  Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.
  ☆327Updated last year
• deepinstinct / LsassSilentProcessExit
  Command line interface to dump LSASS memory to disk via SilentProcessExit
  ☆435Updated 3 years ago
• 0xthirteen / MoveKit
  Cobalt Strike kit for Lateral Movement
  ☆640Updated 4 years ago
• threatexpress / cs2modrewrite
  Convert Cobalt Strike profiles to modrewrite scripts
  ☆578Updated last year
• CCob / BOF.NET
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆652Updated 2 weeks ago
• outflanknl / Recon-AD
  Recon-AD, an AD recon tool based on ADSI and reflective DLL’s
  ☆312Updated 4 years ago
• boku7 / spawn
  Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
  ☆427Updated last year
• ropnop / go-windapsearch
  Utility to enumerate users, groups and computers from a Windows domain through LDAP queries
  ☆343Updated 3 years ago
• FuzzySecurity / StandIn
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆681Updated 9 months ago
• byt3bl33d3r / pyMalleableC2
  Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.
  ☆262Updated 4 months ago
• Binject / go-donut
  Donut Injector ported to pure Go. For use with https://github.com/TheWover/donut
  ☆305Updated 2 years ago
• dcsync / pycobalt
  Cobalt Strike Python API
  ☆291Updated 2 years ago
• zeronetworks / cornershot
  Amplify network visibility from multiple POV of other hosts
  ☆291Updated 5 months ago
• Z4kSec / Masky
  Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory
  ☆371Updated 5 months ago
• optiv / Dent
  A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
  ☆295Updated last year
• S3cur3Th1sSh1t / SharpImpersonation
  A User Impersonation tool - via Token or Shellcode injection
  ☆397Updated 2 years ago
• dirkjanm / PKINITtools
  Tools for Kerberos PKINIT and relaying to AD CS
  ☆607Updated 5 months ago
• padovah4ck / PSByPassCLM
  Bypass for PowerShell Constrained Language Mode
  ☆359Updated 2 years ago
• ajpc500 / BOFs
  Collection of Beacon Object Files
  ☆538Updated last year
• zer1t0 / ticket_converter
  A little tool to convert ccache tickets into kirbi (KRB-CRED) and vice versa based on impacket.
  ☆163Updated 2 years ago
• FSecureLABS / incognito
  One Token To Rule Them All https://labs.mwrinfosecurity.com/blog/incognito-v2-0-released/
  ☆142Updated 4 years ago
• PwnDexter / Invoke-EDRChecker
  Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories,…
  ☆233Updated 11 months ago
• boku7 / azureOutlookC2
  Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for…
  ☆457Updated last year
• zyn3rgy / LdapRelayScan
  Check for LDAP protections regarding the relay of NTLM authentication
  ☆448Updated 6 months ago