Cobalt-Strike / sleep_python_bridge
This project is 'bridge' between the sleep and python language. It allows the control of a Cobalt Strike teamserver through python without the need for for the standard GUI client. NOTE: This project is very much in BETA. The goal is to provide a playground for testing and is in no way an officially support feature. Perhaps this could be somet…
☆182Updated last year
Alternatives and similar repositories for sleep_python_bridge:
Users that are interested in sleep_python_bridge are comparing it to the libraries listed below
- DLL Hijack Search Order Enumeration BOF☆147Updated 3 years ago
- This aggressor script uses a beacon's note field to indicate the health status of a beacon.☆141Updated 3 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆215Updated last year
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆152Updated last year
- POC tools for exploring SMB over QUIC protocol☆121Updated 2 years ago
- Beacon Object File PoC implementation of KillDefender☆223Updated 2 years ago
- Extendable payload obfuscation and delivery framework☆143Updated 2 years ago
- Perform DCSync operation without mimikatz☆142Updated 4 months ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆178Updated 2 years ago
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus☆226Updated 3 years ago
- Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File☆197Updated 4 years ago
- Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL…☆171Updated 2 years ago
- My CobaltStrike BOFS☆163Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆296Updated 2 years ago
- ☆157Updated 2 years ago
- AV/EDR evasion via direct system calls.☆107Updated last year
- Pass the Hash to a named pipe for token Impersonation☆141Updated 3 years ago
- ☆167Updated 3 years ago
- Pass the Hash to a named pipe for token Impersonation☆299Updated last year
- Coerce Windows machines auth via MS-EVEN☆158Updated last year
- A BOF to automate common persistence tasks for red teamers☆271Updated 2 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆278Updated 3 years ago
- Remove API hooks from a Beacon process.☆268Updated 3 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆191Updated 3 years ago
- Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.☆147Updated 2 years ago
- Dumping LSASS with a duplicated handle from custom LSA plugin☆200Updated 3 years ago
- Zipper, a CobaltStrike file and folder compression utility.☆217Updated 5 years ago
- BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs☆178Updated 3 years ago
- C# version of Powermad☆162Updated last year
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆182Updated 2 years ago