A stealthier approach to WMI-based command execution using Impacket without touching the disk.
☆74Mar 15, 2026Updated last month
Alternatives and similar repositories for StealthyWMIExec.py
Users that are interested in StealthyWMIExec.py are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- rust port of pspy with support for process monitoring over dbus☆37Jan 4, 2026Updated 3 months ago
- CVE-2025-59501 POC code☆26Nov 20, 2025Updated 5 months ago
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 7 months ago
- Just another EDR killer☆137Jan 21, 2026Updated 2 months ago
- Client-side Encrypted Upload Server Python Script☆67Jul 10, 2025Updated 9 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Blue Hammer by Nightmare-Eclipse Vulnerability Documentation & Reimplementation.☆106Apr 8, 2026Updated last week
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆52Nov 2, 2025Updated 5 months ago
- List web account manager (WAM) accounts added to the current profile☆26Dec 11, 2025Updated 4 months ago
- A Windows tool that converts LDIF files to BloodHound CE☆31Dec 20, 2025Updated 4 months ago
- Filesystem interaction via firebeam virtual machine execution☆52Mar 26, 2026Updated 3 weeks ago
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated last year
- SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆170Jan 23, 2026Updated 2 months ago
- Reports on Driver, LSASS and other security services mitigations☆34Aug 18, 2025Updated 8 months ago
- ☆41Feb 20, 2025Updated last year
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Python3 tool to perform password spraying using RDP☆17Aug 14, 2023Updated 2 years ago
- Local SYSTEM auth trigger for relaying☆171Jul 22, 2025Updated 8 months ago
- Parses logs created by Cobalt Strike, Brute Ratel, OC2 and creates an SQLite DB which can be used to create custom reports.☆27Mar 18, 2026Updated last month
- Bypassing Amsi using LdrLoadDll☆48Jan 8, 2025Updated last year
- Phantom is project created to perform loading and executing .NET assemblies directly in memory within an IIS environment running in full‑…☆101Mar 10, 2026Updated last month
- C2-agnostic BOF collection, categorized by attack chain phase. Designed to be small and modular, allowing for quick execution and automat…☆287Apr 8, 2026Updated last week
- Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆20Jul 8, 2022Updated 3 years ago
- An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor…☆106Jan 9, 2026Updated 3 months ago
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆204Feb 16, 2026Updated 2 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Umbrella will protect your shellcode from the rain.☆30Jun 4, 2025Updated 10 months ago
- kerberos in rust for fun and profit☆70Mar 13, 2026Updated last month
- Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.☆104May 6, 2024Updated last year
- Bloodhound python Ingestor using ADWS☆34Feb 4, 2026Updated 2 months ago
- remote process injections using pool party techniques☆71Jun 29, 2025Updated 9 months ago
- ☆26Apr 10, 2026Updated last week
- ZoomBotC2 is a stealthy Command and Control (C2) framework that leverages Zoom's API endpoints for covert communication between implants …☆57Jun 30, 2025Updated 9 months ago
- Aliasr is a modern, feature-rich TUI launcher for pentest commands.☆106Mar 15, 2026Updated last month
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption☆215Dec 17, 2025Updated 4 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A framework and taxonomy for identifying, classifying, and reasoning about detection logic bugs in SIEM, EDR, and XDR rules, with concret…☆48Mar 5, 2026Updated last month
- SATO is a PowerShell tool focuses on providing flexible, multi-grant type support for obtaining, managing, and analyzing Azure tokens.☆22Nov 24, 2025Updated 4 months ago
- Use WordPress pingback.ping to transfer files.☆16Feb 25, 2024Updated 2 years ago
- A PoC for Early Cascade process injection technique.☆215Jan 30, 2025Updated last year
- Cobalt Strike BOF used to perform privilege escalation by exploiting the SeImpersonate privilege. Based on the original GodPotato PoC by …☆196Updated this week
- Create Cobalt Strike malleable C2 profiles with HTTPS configs☆18May 23, 2020Updated 5 years ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆34Aug 18, 2025Updated 8 months ago