Flangvik / ObfuscatedSharpCollectionLinks
Attempt at Obfuscated version of SharpCollection
☆219Updated last week
Alternatives and similar repositories for ObfuscatedSharpCollection
Users that are interested in ObfuscatedSharpCollection are comparing it to the libraries listed below
Sorting:
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆318Updated 8 months ago
- PoC to coerce authentication from Windows hosts using MS-WSP☆253Updated last year
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆118Updated 2 years ago
- A collection of code snippets built to assist with breaking chains.☆119Updated last year
- Cobalt Strike BOF for evasive .NET assembly execution☆264Updated 4 months ago
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆483Updated 4 months ago
- ☆208Updated last year
- ☆181Updated last month
- psexecsvc - a python implementation of PSExec's native service implementation☆206Updated 5 months ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆297Updated last month
- SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.☆327Updated 2 months ago
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆303Updated last year
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆269Updated this week
- .net config loader☆334Updated last year
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆257Updated 11 months ago
- Execute commands interactively on remote Windows machines using the WinRM protocol☆196Updated last week
- Use ESC1 to perform a makeshift DCSync and dump hashes☆211Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆300Updated 2 years ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆314Updated 8 months ago
- Python tool to Check running WebClient services on multiple targets based on @leechristensen☆280Updated 3 years ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆204Updated 9 months ago
- Extracting NetNTLM without touching lsass.exe☆239Updated last year
- Payload Generation Framework☆93Updated last year
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆210Updated 9 months ago
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆426Updated last year
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆257Updated 2 years ago
- ☆220Updated 9 months ago
- Impacket is a collection of Python classes for working with network protocols.☆291Updated last week
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆193Updated 2 years ago
- ☆167Updated last year