Seamless remote browser session control
☆229Jan 28, 2026Updated last month
Alternatives and similar repositories for evilreplay
Users that are interested in evilreplay are comparing it to the libraries listed below
Sorting:
- Updated version of a long known self deletion technique to work with 24H2.☆61Jun 9, 2025Updated 8 months ago
- Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephe…☆502Oct 3, 2025Updated 5 months ago
- Chrome browser extension-based Command & Control☆239Jul 2, 2025Updated 8 months ago
- Addon for BHCE☆58Apr 1, 2025Updated 11 months ago
- Shellcode loader☆101Nov 24, 2024Updated last year
- Locate dlls and function addresses without PEB Walk and EAT parsing☆105Nov 7, 2025Updated 4 months ago
- An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data.☆31May 23, 2025Updated 9 months ago
- Ebyte-Go-Morpher is a Go program that parses, analyzes, and rewrites Go source code to apply multiple layers of obfuscation. It operates …☆122Jul 19, 2025Updated 7 months ago
- peeko – Browser-based XSS C2 for stealthy internal network exploration via infected browser.☆226Apr 14, 2025Updated 10 months ago
- ☆160May 5, 2025Updated 10 months ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- Advanced AWS Access Credentials Scanner ⚡☆13Apr 26, 2023Updated 2 years ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- Orchestrate detonating your MalDev in VMs with different EDRs to see their detection surface.☆23Feb 23, 2026Updated last week
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆199Dec 30, 2025Updated 2 months ago
- gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory env…☆334Jan 14, 2026Updated last month
- An impacket-lite cli tool that combines many useful impacket functions using a single session.☆57Jan 14, 2026Updated last month
- SharpSilentChrome is a C# project that "silently" installs browser extensions on Google Chrome or MS Edge by updating the browsers' Prefe…☆189Aug 6, 2025Updated 7 months ago
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.☆29Jun 9, 2025Updated 8 months ago
- A tool for coercing and relaying Kerberos authentication over DCOM and RPC.☆147Jul 17, 2025Updated 7 months ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- A simple BOF that disables some logging with NtSetInformationProcess☆13Oct 13, 2023Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- Example code samples from our ScriptBlock Smuggling Blog post☆95Jun 18, 2024Updated last year
- COM-based DLL Surrogate Injection☆142Dec 9, 2025Updated 2 months ago
- Some Rust program I wrote while learning Malware Development☆158Feb 4, 2025Updated last year
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆261Nov 22, 2025Updated 3 months ago
- a tool to help operate in EDRs' blind spots☆766Dec 2, 2024Updated last year
- Group Policy Objects manipulation and exploitation framework☆292Dec 7, 2025Updated 3 months ago
- Remote code execution in Power Platform connectors via JSON deserialization☆23Mar 30, 2023Updated 2 years ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- ☆38Jan 7, 2025Updated last year
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.☆28Jun 14, 2024Updated last year
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 4 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 6 months ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆158Mar 26, 2025Updated 11 months ago
- Rust crate to obfuscate strings and byte arrays so they are not in memory when not in use.☆19Dec 23, 2025Updated 2 months ago
- ☆109Feb 17, 2025Updated last year