F4l13n5n0w / sn0wldr

Related projects ⓘ

Alternatives and complementary repositories for sn0wldr

• LuemmelSec / ntlmrelayx.py_to_exe
  ☆77Updated last year
• dreamkinn / go-ThreadlessInject
  Golang implementation of @CCob's C# ThreadlessInject
  ☆30Updated 6 months ago
• roberreigada / LsassUnhooker
  Little program written in C# to bypass EDR hooks and dump the content of the lsass process
  ☆60Updated 3 years ago
• werdhaihai / SharpAltShellCodeExec
  Alternative Shellcode Execution Via Callbacks in C# with P/Invoke
  ☆72Updated last year
• ProcessusT / SharpVenoma
  CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
  ☆40Updated 7 months ago
• tijme / kernel-mii
  Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.
  ☆79Updated last year
• EspressoCake / Defender-Exclusions-Creator-BOF
  ☆76Updated last year
• rasta-mouse / SCMUACBypass
  ☆94Updated last year
• parzel / GoSleepyCrypt
  In-memory sleep encryption and heap encryption for Go applications through a shellcode function.
  ☆39Updated 10 months ago
• OG-Sadpanda / SharpZippo
  List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly
  ☆58Updated 2 years ago
• Octoberfest7 / KillDefender_BOF
  Beacon Object File implementation of pwn1sher's KillDefender
  ☆62Updated 2 years ago
• ShadowMccc / MemoryEvasion
  A Cobalt Strike memory evasion loader for redteamers
  ☆95Updated last year
• c3r3br4t3 / ShadowRDP
  ☆62Updated 9 months ago
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆98Updated last year
• REDMED-X / InjectKit
  Modified versions of the Cobalt Strike Process Injection Kit
  ☆88Updated 10 months ago
• ice-wzl / wmiexec2
  wmiexec2.0 is the same wmiexec that everyone knows and loves (debatable). This 2.0 version is obfuscated to avoid well known signatures …
  ☆32Updated 5 months ago
• maxDcb / C2TeamServer
  TeamServer and Client of Exploration Command and Control Framework
  ☆69Updated this week
• nick-frischkorn / TokenStripBOF
  Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process
  ☆32Updated 2 years ago
• Ethicalrat / Evasive-Loader
  Evasive loader to bypass static detection
  ☆54Updated 10 months ago
• netero1010 / TrustedPath-UACBypass-BOF
  Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…
  ☆118Updated 3 years ago
• Yair-Men / Passenger
  ProcExp Driver (Ab)use
  ☆20Updated last year
• lsecqt / CVE-2022-26923-Powershell-POC
  A powershell poc to load and automatically run Certify and Rubeus from memory.
  ☆17Updated 2 years ago
• OG-Sadpanda / SharpSword
  Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly
  ☆117Updated last month
• nick-frischkorn / SuspendEventLogBOF
  Beacon Object File to locate and suspend the threads hosting the Event Log service
  ☆24Updated 2 years ago
• mez-0 / offensive-groovy
  Groovy Post Exploitation
  ☆18Updated last month
• kyxiaxiang / AV_EDR_EPP_Notes
  ☆44Updated 7 months ago
• Octoberfest7 / CS_Uploads_Tracker
  Aggressor script add-in for CobaltStrike to track file uploads
  ☆35Updated 2 years ago
• Mr-Un1k0d3r / Elevate-System-Trusted-BOF
  ☆146Updated last year
• Hagrid29 / BOF-SprayAD
  Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray
  ☆43Updated last year