CyberSecurityUP / Windows-API-for-Red-Team

Related projects ⓘ

Alternatives and complementary repositories for Windows-API-for-Red-Team

• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated last year
• mlcsec / EDRenum-BOF
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆108Updated last month
• Leo4j / Invoke-SMBRemoting
  Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
  ☆88Updated last month
• yehia-mamdouh / Shell3er
  PowerShell Reverse Shell
  ☆61Updated last year
• mertdas / SharpLateral
  Lateral Movement
  ☆119Updated last year
• smokeme / ansible-havoc
  Scripts I use to deploy Havoc on Linode and setup categorization and SSL
  ☆39Updated 5 months ago
• 0xAbdullah / Offensive-Snippets
  A repository with my code snippets for research/education purposes.
  ☆50Updated last year
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆80Updated 4 months ago
• foxlox / hypobrychium
  Duplicate not owned Token from Running Process
  ☆72Updated last year
• macrl2000 / reaper-wu
  vulnlab.com reaper writeup
  ☆26Updated last year
• g0h4n / RustHound-CE
  Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
  ☆102Updated 3 weeks ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆58Updated 5 months ago
• huntandhackett / PassiveAggression
  Source code and examples for PassiveAggression
  ☆54Updated 5 months ago
• seriotonctf / AD-Tools
  List of some AD tools I frequently use
  ☆43Updated last month
• matro7sh / matro7sh_loaders
  this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)
  ☆77Updated 11 months ago
• rasta-mouse / SpawnWith
  ☆92Updated 8 months ago
• p4p1 / havoc-bloodhound
  A GUI wrapper inside of Havoc to interact with bloodhound CE
  ☆69Updated 9 months ago
• Diverto / IPPrintC2
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆143Updated 6 months ago
• 0xHossam / APT-Attack-Simulation
  APT-Attack-Simulation simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persistence and privile…
  ☆43Updated 6 months ago
• g0h4n / RDE1
  RDE1 (Rusty Data Exfiltrator) is client and server tool allowing auditor to extract files from DNS and HTTPS protocols written in Rust. �…
  ☆40Updated last year
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆133Updated 3 months ago
• CICADA8-Research / LogHunter
  Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
  ☆57Updated 5 months ago
• synacktiv / OUned
  The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
  ☆78Updated 7 months ago
• Hacker-Hermanos / C2_INFRA_WORKSHOP_DEFCON32_RED_TEAM_VILLAGE
  C2 Infrastructure Automation
  ☆86Updated last week
• 4ndr34z / ntlmthief
  ☆51Updated 9 months ago
• p4p1 / havoc-ligolo
  A Havoc UI tool to pivot onto a machine using ligolo-ng
  ☆42Updated 9 months ago
• n0tspam / RunspaceLoader
  Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe
  ☆13Updated 11 months ago
• Offensive-Panda / LsassReflectDumping
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆163Updated last month