CCob / lsarelayx
NTLM relaying for Windows made easy
☆529Updated last year
Related projects: ⓘ
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆681Updated 9 months ago
- Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket☆488Updated 2 years ago
- Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.☆286Updated last year
- Framework for Kerberos relaying☆844Updated 2 years ago
- A .NET Framework 4.0 Windows Agent☆443Updated 2 weeks ago
- SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket☆733Updated 3 years ago
- ☆469Updated this week
- WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations☆339Updated 3 years ago
- A User Impersonation tool - via Token or Shellcode injection☆397Updated 2 years ago
- The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.☆461Updated 2 years ago
- Command line interface to dump LSASS memory to disk via SilentProcessExit☆435Updated 3 years ago
- Check for LDAP protections regarding the relay of NTLM authentication☆448Updated 6 months ago
- Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.☆608Updated 2 years ago
- Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…☆790Updated 3 years ago
- Cobalt Strike kit for Lateral Movement☆640Updated 4 years ago
- Python version of the C# tool for "Shadow Credentials" attacks☆576Updated last month
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆811Updated last year
- "Golden" certificates☆630Updated last month
- TCP Port Redirection Utility☆662Updated last year
- ☆613Updated this week
- Get file less command execution for lateral movement.☆598Updated 2 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆427Updated last year
- Red Team C code repo☆509Updated 10 months ago
- Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.☆327Updated last year
- An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).☆389Updated 7 months ago
- ☆715Updated 2 years ago
- Bypass for PowerShell Constrained Language Mode☆359Updated 2 years ago
- ☆497Updated 2 years ago
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆652Updated 2 weeks ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆734Updated last year