EgeBalci / evilreplayView external linksLinks
Seamless remote browser session control
☆225Jan 28, 2026Updated 2 weeks ago
Alternatives and similar repositories for evilreplay
Users that are interested in evilreplay are comparing it to the libraries listed below
Sorting:
- Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephe…☆500Oct 3, 2025Updated 4 months ago
- Chrome browser extension-based Command & Control☆232Jul 2, 2025Updated 7 months ago
- Addon for BHCE☆58Apr 1, 2025Updated 10 months ago
- Shellcode loader☆100Nov 24, 2024Updated last year
- Locate dlls and function addresses without PEB Walk and EAT parsing☆104Nov 7, 2025Updated 3 months ago
- An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data.☆31May 23, 2025Updated 8 months ago
- Ebyte-Go-Morpher is a Go program that parses, analyzes, and rewrites Go source code to apply multiple layers of obfuscation. It operates …☆122Jul 19, 2025Updated 6 months ago
- Updated version of a long known self deletion technique to work with 24H2.☆61Jun 9, 2025Updated 8 months ago
- peeko – Browser-based XSS C2 for stealthy internal network exploration via infected browser.☆222Apr 14, 2025Updated 10 months ago
- ☆159May 5, 2025Updated 9 months ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆196Dec 30, 2025Updated last month
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- Advanced AWS Access Credentials Scanner ⚡☆13Apr 26, 2023Updated 2 years ago
- gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory env…☆328Jan 14, 2026Updated last month
- An impacket-lite cli tool that combines many useful impacket functions using a single session.☆57Jan 14, 2026Updated last month
- SharpSilentChrome is a C# project that "silently" installs browser extensions on Google Chrome or MS Edge by updating the browsers' Prefe…☆187Aug 6, 2025Updated 6 months ago
- A tool for coercing and relaying Kerberos authentication over DCOM and RPC.☆146Jul 17, 2025Updated 6 months ago
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.☆29Jun 9, 2025Updated 8 months ago
- A simple BOF that disables some logging with NtSetInformationProcess☆13Oct 13, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- COM-based DLL Surrogate Injection☆140Dec 9, 2025Updated 2 months ago
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆260Nov 22, 2025Updated 2 months ago
- a tool to help operate in EDRs' blind spots☆767Dec 2, 2024Updated last year
- Group Policy Objects manipulation and exploitation framework☆289Dec 7, 2025Updated 2 months ago
- Remote code execution in Power Platform connectors via JSON deserialization☆23Mar 30, 2023Updated 2 years ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- ☆37Jan 7, 2025Updated last year
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆78Aug 25, 2025Updated 5 months ago
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.☆28Jun 14, 2024Updated last year
- Abuse leaked token handles.☆134Dec 14, 2023Updated 2 years ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 3 months ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆156Mar 26, 2025Updated 10 months ago
- Python3 implementation of ADRecon with support for NTLM and Kerberos authentication. Generates individual CSV files and a single XSLX rep…☆24Updated this week
- Rust crate to obfuscate strings and byte arrays so they are not in memory when not in use.☆19Dec 23, 2025Updated last month
- BYOVD hunter to help prioritize windows drivers worth manual analysis☆74Aug 19, 2025Updated 5 months ago
- ☆109Feb 17, 2025Updated 11 months ago
- Scripts to interact with Microsoft Graph APIs☆44Nov 7, 2024Updated last year