GhostPack / KohLinks
The Token Stealer
☆497Updated 2 years ago
Alternatives and similar repositories for Koh
Users that are interested in Koh are comparing it to the libraries listed below
Sorting:
- A Payload Loader Designed With Advanced Evasion Features☆512Updated 2 years ago
- Stop Defender Service using C# via Token Impersonation☆171Updated 3 years ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆744Updated last year
- NTLM relaying for Windows made easy☆567Updated 2 years ago
- Manipulating and Abusing Windows Access Tokens.☆278Updated 4 years ago
- WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations☆365Updated 4 years ago
- Lifetime AMSI bypass☆629Updated last year
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆425Updated 2 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆461Updated 2 years ago
- Framework for Kerberos relaying☆920Updated 3 years ago
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads☆383Updated 3 years ago
- Demos for the Blackhat USA 2022 talk "Taking Kerberos to the Next Level"☆259Updated 2 years ago
- Collection of C# projects. Useful for pentesting and redteaming.☆308Updated last year
- An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).☆406Updated last year
- This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…☆247Updated 2 years ago
- C# Based Universal API Unhooker☆404Updated 3 years ago
- OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at s…☆527Updated 2 years ago
- .NET project for installing Persistence☆479Updated last year
- .NET/PowerShell/VBA Offensive Security Obfuscator☆504Updated last year
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆778Updated last year
- A unique technique to execute binaries from a password protected zip☆1,028Updated 2 years ago
- Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…☆865Updated 4 years ago
- Collection of remote authentication triggers in C#☆493Updated last year
- ☆409Updated last year
- Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration feature…☆292Updated 2 years ago
- C# Lsass parser☆295Updated 3 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆556Updated 2 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆468Updated 2 years ago
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆551Updated 2 years ago
- A User Impersonation tool - via Token or Shellcode injection☆416Updated 3 years ago