CICADA8-Research / LogHunterLinks
Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
☆72Updated last year
Alternatives and similar repositories for LogHunter
Users that are interested in LogHunter are comparing it to the libraries listed below
Sorting:
- ☆145Updated 3 months ago
- Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.☆83Updated 11 months ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆41Updated last year
- Example code samples from our ScriptBlock Smuggling Blog post☆91Updated last year
- A tool for coercing and relaying Kerberos authentication over DCOM and RPC.☆127Updated last month
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆79Updated 5 months ago
- ☆57Updated 6 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆98Updated last year
- Automated .NET AppDomain hijack payload generation☆127Updated 6 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆96Updated 3 months ago
- TokenCert☆100Updated 9 months ago
- ☆57Updated 9 months ago
- ☆191Updated 4 months ago
- ☆91Updated 7 months ago
- ☆110Updated 6 months ago
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS☆149Updated 6 months ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆89Updated last year
- Lateral Movement☆124Updated last year
- Tamper Active Directory user attributes to collect their hashes with MS-SNTP☆40Updated 7 months ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆94Updated 10 months ago
- A GUI wrapper inside of Havoc to interact with bloodhound CE☆72Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆122Updated 10 months ago
- Pre-Auth Exploit for CVE-2024-40711☆54Updated 11 months ago
- Tool to obtain hash using MS-SNTP for user accounts☆25Updated 7 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆148Updated last year
- .bin file to shellcode convertor☆38Updated last year
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆54Updated last year
- Source code and examples for PassiveAggression☆64Updated last year
- An impacket-lite cli tool that combines many useful impacket functions using a single session.☆52Updated last month
- Permanently disable EDRs as local admin☆94Updated last month