CodeXTF2 / WindowSpy
WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
☆259Updated last year
Related projects ⓘ
Alternatives and complementary repositories for WindowSpy
- A collection of Cobalt Strike Aggressor scripts.☆85Updated 2 years ago
- Run Your Payload Without Running Your Payload☆176Updated 2 years ago
- ☆156Updated last year
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆147Updated 6 months ago
- Kill AV/EDR leveraging BYOVD attack☆309Updated last year
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆365Updated 5 months ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆171Updated last year
- Documents Exfiltration project for fun and educational purposes☆144Updated last year
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆166Updated last year
- Set of python scripts which perform different ways of command execution via WMI protocol.☆158Updated last year
- Execute shellcode files with rundll32☆184Updated 9 months ago
- ☆160Updated 2 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆225Updated last year
- Patching AmsiOpenSession by forcing an error branching☆144Updated last year
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆274Updated 11 months ago
- Github as C2 Demonstration , free API = free C2 Infrastructure☆130Updated last year
- Evasive Golang Loader☆130Updated 3 months ago
- Modules used by the Havoc Framework☆204Updated 5 months ago
- Extracting NetNTLM without touching lsass.exe☆224Updated 11 months ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆292Updated 2 years ago
- RDPCredentialStealer it's a malware that steal credentials provided by users in RDP using API Hooking with Detours in C++☆235Updated last year
- A shellcode injection tool showcasing various process injection techniques☆134Updated 11 months ago
- Shaco is a linux agent for havoc☆144Updated last year
- Attempt at Obfuscated version of SharpCollection☆189Updated last week
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆258Updated 2 years ago
- 🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.☆158Updated last year
- Generate Shellcode Loaders & Injects☆152Updated last year
- ☆142Updated last week
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆250Updated last year