AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. It is our hope that this tool will be useful to red teams over the short term, while over the long term help AV/EDR vendors improve how they handle AHK scripts.
β110Jul 21, 2025Updated 7 months ago
Alternatives and similar repositories for AutoPwnKey
Users that are interested in AutoPwnKey are comparing it to the libraries listed below
Sorting:
- Listener that spawns a new tmux window for each incoming reverse shell + Supports listening on many portsβ59Jul 13, 2025Updated 7 months ago
- π₯οΈ Windows π A Windows tool for emergency privacy: instantly deletes sensitive data and active logins to protect my information during β¦β54Jan 26, 2026Updated last month
- Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the passworβ¦β40May 7, 2023Updated 2 years ago
- Persist like a Dodderβ68May 19, 2025Updated 9 months ago
- Ebyte-Go-Morpher is a Go program that parses, analyzes, and rewrites Go source code to apply multiple layers of obfuscation. It operates β¦β122Jul 19, 2025Updated 7 months ago
- .NET tool used to enrich RPC telemetryβ101Jan 24, 2026Updated last month
- Addon for BHCEβ58Apr 1, 2025Updated 10 months ago
- Orchestrate detonating your MalDev in VMs with different EDRs to see their detection surface.β23Jan 30, 2026Updated last month
- APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf filesβ96Apr 2, 2025Updated 10 months ago
- Feed it a number. Your cloned voice does the social engineering, while you sip your coffee. A ghost that talks on the phone for you.β109May 30, 2025Updated 8 months ago
- β23Mar 4, 2025Updated 11 months ago
- Nakamoto is a 2 layer encryption tool to protect your data and your cyptocurrencyβ15Nov 13, 2025Updated 3 months ago
- An ultra lightweight web screenshot tool with advanced DOM analysis features.β40Dec 2, 2025Updated 2 months ago
- A lightweight PowerShell tool for assessing the security posture of Microsoft Entra ID environments. It helps identify privileged objectβ¦β315Feb 8, 2026Updated 2 weeks ago
- BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self assessment.β45Jul 6, 2025Updated 7 months ago
- Locate dlls and function addresses without PEB Walk and EAT parsingβ104Nov 7, 2025Updated 3 months ago
- An OpenAI API Compatible Honeypot Gatewayβ17Mar 17, 2025Updated 11 months ago
- BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catalβ¦β92Jan 14, 2026Updated last month
- β43Jul 17, 2025Updated 7 months ago
- AutoRMM is a collection of scripts and instructions we are organizing, to test delivery mechanisms for RMM and screen sharing tools, aloβ¦β92Aug 3, 2025Updated 6 months ago
- Utilizng an MCP Server to communicate with your C2β86May 15, 2025Updated 9 months ago
- β163Nov 19, 2025Updated 3 months ago
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.β34Jun 23, 2024Updated last year
- β49Dec 20, 2025Updated 2 months ago
- An index of publicly available and open-source threat detection rulesets.β130Apr 17, 2025Updated 10 months ago
- Hijack a slack bot to phish your way inβ57Jul 17, 2025Updated 7 months ago
- β21Jan 8, 2026Updated last month
- Assortment of scripts and tools for our Blackhat EU 2024 talkβ105Feb 6, 2025Updated last year
- Intelligent Malware that takes screenshots for entire monitors and exfiltrate them through Trusted Channel Slack to the C2 server that's β¦β130Mar 26, 2025Updated 11 months ago
- Linux CS bypass techniqueβ32Feb 4, 2025Updated last year
- Eve is a JAMF exploitation toolkit used to interact with locally hosted JAMF servers and those hosted on jamfcloud.com.β42Sep 16, 2025Updated 5 months ago
- BlueSky OSINT Toolβ14Dec 10, 2024Updated last year
- Burp extension for Recursive Request Exploits (RRE) β DEFCON 2025β121Jan 30, 2026Updated last month
- PoC shadow SaaS and insecure credential detection system using a browser extension.β42Feb 8, 2026Updated 2 weeks ago
- Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE (CVE-2025-0282)β31Jan 18, 2025Updated last year
- A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directoryβ314Feb 16, 2026Updated last week
- BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to analβ¦β336Jun 2, 2025Updated 8 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCSβ150Feb 10, 2025Updated last year
- Enumerate active EDR's on the systemβ150Sep 23, 2025Updated 5 months ago