Cybereason / Invoke-WMILM
☆229Updated 6 years ago
Alternatives and similar repositories for Invoke-WMILM:
Users that are interested in Invoke-WMILM are comparing it to the libraries listed below
- Lateral Movement technique using DCOM and HTA☆230Updated 2 years ago
- Generates anti-sandbox analysis HTA files without payloads☆118Updated 7 years ago
- Liniaal - A communication extension to Ruler☆97Updated 6 years ago
- A repository of some of my Windows 10 Device Guard Bypasses☆135Updated 7 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…☆103Updated 7 years ago
- CACTUSTORCH: Payload Generation for Adversary Simulations☆75Updated 6 years ago
- How To Execute Shellcode via HTA☆137Updated 7 years ago
- The PowerThIEf, an Internet Explorer Post Exploitation library☆130Updated 2 weeks ago
- A Powershell implementation of PrivExchange designed to run under the current user's context☆124Updated 6 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆163Updated 7 years ago
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.☆319Updated 7 years ago
- A collection of files for adding and leveraging custom properties in BloodHound.☆182Updated 5 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET☆145Updated 5 years ago
- Assorted scripts and one off things☆264Updated 6 months ago
- A Bring Your Own Land Toolkit that Doubles as a WMI Provider☆285Updated 6 years ago
- Powershell script for enumerating vulnerable DCOM Applications☆256Updated 6 years ago
- VBS Reversed TCP Meterpreter Stager☆86Updated 7 years ago
- CScriptShell, a Powershell Host running within cscript.exe☆160Updated 7 years ago
- a tool to make it easy and fast to test various forms of injection☆172Updated 5 years ago
- ☆272Updated 2 years ago
- Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017)☆103Updated 4 years ago
- a simple portforwarder in ps1 with embeded c# code☆89Updated 6 years ago
- DEPRECATED SharpRoast is a C# port of various PowerView's Kerberoasting functionality.☆252Updated 6 years ago
- A command line tool for creating malicious outlook rules☆161Updated 6 years ago
- Cobalt Strike SCT payload obfuscator☆141Updated 7 years ago
- A library for integrating communication channels with the Cobalt Strike External C2 server☆282Updated 7 years ago
- lateral movement techniques that can be used during red team exercises☆269Updated 5 years ago
- PowerDNS: Powershell DNS Delivery☆211Updated 6 years ago
- ☆78Updated 8 years ago
- Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been se…☆166Updated 4 years ago