CodeXTF2 / WindowSpyLinks
WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
☆274Updated 4 months ago
Alternatives and similar repositories for WindowSpy
Users that are interested in WindowSpy are comparing it to the libraries listed below
Sorting:
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆153Updated last year
- Patching AmsiOpenSession by forcing an error branching☆146Updated last year
- Github as C2 Demonstration , free API = free C2 Infrastructure☆140Updated last year
- RDPCredentialStealer it's a malware that steal credentials provided by users in RDP using API Hooking with Detours in C++☆249Updated 2 years ago
- Set of python scripts which perform different ways of command execution via WMI protocol.☆159Updated last year
- A shellcode injection tool showcasing various process injection techniques☆137Updated last year
- A collection of Cobalt Strike Aggressor scripts.☆98Updated 3 years ago
- Documents Exfiltration project for fun and educational purposes☆145Updated last year
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆176Updated 2 years ago
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆420Updated last year
- ☆164Updated 2 years ago
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆256Updated 2 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆234Updated 2 years ago
- Lateral Movement Using DCOM and DLL Hijacking☆294Updated 2 years ago
- Bypass Malware Sandbox Evasion Ram check☆137Updated 2 years ago
- ☆164Updated last year
- ☆282Updated last year
- ☆167Updated 10 months ago
- ☆220Updated last year
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆193Updated 2 years ago
- REC2 (Rusty External Command and Control) is client and server tool allowing auditor to execute command from VirusTotal and Mastodon APIs…☆156Updated last year
- PowerShell runner for executing malicious payloads in order to bypass Windows Defender.☆73Updated 3 years ago
- All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming☆231Updated 8 months ago
- 🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.☆157Updated last year
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆299Updated 2 years ago
- pyCobaltHound is an Aggressor script extension for Cobalt Strike which aims to provide a deep integration between Cobalt Strike and Blood…☆138Updated 2 years ago
- Terminate AV/EDR Processes using kernel driver☆346Updated 2 years ago
- Run Your Payload Without Running Your Payload☆182Updated 2 years ago
- A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.☆131Updated last year
- Terminate AV/EDR leveraging BYOVD attack☆87Updated 3 months ago