CCob / lsarelayx

Related projects: ⓘ

• FuzzySecurity / StandIn
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆681Updated 9 months ago
• tothi / rbcd-attack
  Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket
  ☆488Updated 2 years ago
• GoSecure / pywsus
  Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.
  ☆286Updated last year
• cube0x0 / KrbRelay
  Framework for Kerberos relaying
  ☆844Updated 2 years ago
• MythicAgents / Apollo
  A .NET Framework 4.0 Windows Agent
  ☆443Updated 2 weeks ago
• NotMedic / NetNTLMtoSilverTicket
  SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket
  ☆733Updated 3 years ago
• D1rkMtr / DumpThatLSASS
  ☆469Updated this week
• GoSecure / WSuspicious
  WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations
  ☆339Updated 3 years ago
• S3cur3Th1sSh1t / SharpImpersonation
  A User Impersonation tool - via Token or Shellcode injection
  ☆397Updated 2 years ago
• N7WEra / SharpAllTheThings
  The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.
  ☆461Updated 2 years ago
• deepinstinct / LsassSilentProcessExit
  Command line interface to dump LSASS memory to disk via SilentProcessExit
  ☆435Updated 3 years ago
• zyn3rgy / LdapRelayScan
  Check for LDAP protections regarding the relay of NTLM authentication
  ☆448Updated 6 months ago
• nccgroup / nccfsas
  Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.
  ☆608Updated 2 years ago
• Flangvik / BetterSafetyKatz
  Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…
  ☆790Updated 3 years ago
• 0xthirteen / MoveKit
  Cobalt Strike kit for Lateral Movement
  ☆640Updated 4 years ago
• ShutdownRepo / pywhisker
  Python version of the C# tool for "Shadow Credentials" attacks
  ☆576Updated last month
• bats3c / ADCSPwn
  A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…
  ☆811Updated last year
• GhostPack / ForgeCert
  "Golden" certificates
  ☆630Updated last month
• praetorian-inc / PortBender
  TCP Port Redirection Utility
  ☆662Updated last year
• josephkingstone / cobalt_strike_extension_kit
  ☆613Updated this week
• juliourena / SharpNoPSExec
  Get file less command execution for lateral movement.
  ☆598Updated 2 years ago
• boku7 / spawn
  Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
  ☆427Updated last year
• Mr-Un1k0d3r / RedTeamCCode
  Red Team C code repo
  ☆509Updated 10 months ago
• BC-SECURITY / Malleable-C2-Profiles
  Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.
  ☆327Updated last year
• med0x2e / NTLMRelay2Self
  An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).
  ☆389Updated 7 months ago
• Wh04m1001 / DFSCoerce
  ☆715Updated 2 years ago
• padovah4ck / PSByPassCLM
  Bypass for PowerShell Constrained Language Mode
  ☆359Updated 2 years ago
• S3cur3Th1sSh1t / MultiPotato
  ☆497Updated 2 years ago
• CCob / BOF.NET
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆652Updated 2 weeks ago
• optiv / Ivy
  Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …
  ☆734Updated last year