C0axx / CanaryHunterView external linksLinks
Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org
☆124Nov 9, 2022Updated 3 years ago
Alternatives and similar repositories for CanaryHunter
Users that are interested in CanaryHunter are comparing it to the libraries listed below
Sorting:
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆259Jun 29, 2024Updated last year
- Infect Shared Files In Memory for Lateral Movement☆196Dec 14, 2022Updated 3 years ago
- A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.☆80Jun 6, 2024Updated last year
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆501Jan 23, 2023Updated 3 years ago
- AAD related enumeration in Nim☆132Sep 7, 2023Updated 2 years ago
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,369Oct 22, 2025Updated 3 months ago
- .NET Assembly that creates network shares,sets ACE entries for directories, sets share perms, and deletes shares. Learning project for C#☆10Oct 14, 2024Updated last year
- Azure DevOps Services Attack Toolkit☆313Mar 15, 2025Updated 10 months ago
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.☆482Jul 9, 2024Updated last year
- HashKitty is a user-friendly cross-platform Python wrapper for Hashcat designed to provide an easy password cracking experience for both …☆42Jul 18, 2024Updated last year
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆258Nov 24, 2023Updated 2 years ago
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆281Feb 24, 2025Updated 11 months ago
- Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for…☆503May 16, 2023Updated 2 years ago
- Easy red team phishing with Puppeteer☆133Feb 6, 2023Updated 3 years ago
- Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling☆1,254Mar 19, 2025Updated 10 months ago
- ☆107Jan 4, 2023Updated 3 years ago
- Proof-of-Concept to evade auditd by tampering via ptrace☆18Aug 3, 2023Updated 2 years ago
- Process dumper wrote in rust.☆14Sep 16, 2024Updated last year
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆209Nov 12, 2025Updated 3 months ago
- ↕️🤫 Stealth redirector for your red team operation security☆1,064Jul 6, 2025Updated 7 months ago
- Serverless Redirector in various cloud vendor for red team☆73Dec 8, 2022Updated 3 years ago
- Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+☆36Dec 1, 2025Updated 2 months ago
- Python module for running BOFs☆79Nov 28, 2025Updated 2 months ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 2 years ago
- ☆230Jun 10, 2025Updated 8 months ago
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆91Oct 10, 2022Updated 3 years ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆94Jul 3, 2025Updated 7 months ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆40Aug 8, 2022Updated 3 years ago
- A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented b…☆441May 29, 2024Updated last year
- A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system☆40Oct 30, 2024Updated last year
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆160Mar 1, 2024Updated last year
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆882Feb 5, 2026Updated last week
- Roast in the Middle☆296Sep 19, 2025Updated 4 months ago
- An easy way to convert BloodHound output files into data that can be imported into reporting software like Dradis and Plextrac. Built by …☆18Oct 15, 2020Updated 5 years ago
- ☆190Nov 21, 2024Updated last year
- Python script for automating the creation of serverless cloud redirectors from Cobalt Strike malleable C2 profiles☆202Jun 25, 2024Updated last year
- Command Augmentation support for BOFs and .NET assemblies across agents☆38Jan 12, 2026Updated last month
- My implementation of the GIUDA project in C++☆189Jul 25, 2023Updated 2 years ago
- Massayo is a small proof-of-concept Rust library which removes AV/EDR hooks in a given system DLL☆64Sep 12, 2022Updated 3 years ago