GhostPack / Koh
The Token Stealer
☆484Updated 2 years ago
Related projects: ⓘ
- ☆469Updated this week
- A Payload Loader Designed With Advanced Evasion Features☆494Updated last year
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆843Updated 3 months ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆734Updated last year
- Framework for Kerberos relaying☆844Updated 2 years ago
- Lifetime AMSI bypass☆577Updated 11 months ago
- ☆702Updated this week
- A .NET Framework 4.0 Windows Agent☆443Updated 3 weeks ago
- Get file less command execution for lateral movement.☆598Updated 2 years ago
- Sandman is a NTP based backdoor for red team engagements in hardened networks.☆766Updated 5 months ago
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads☆370Updated 2 years ago
- ⚡ Create infinite UAC prompts forcing a user to run as admin ⚡☆246Updated last year
- A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) wit…☆483Updated 6 months ago
- ☆400Updated 9 months ago
- Stop Defender Service using C# via Token Impersonation☆171Updated 2 years ago
- Python version of the C# tool for "Shadow Credentials" attacks☆576Updated last month
- PowerShell Script Obfuscator☆484Updated 10 months ago
- Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts wa…☆856Updated 11 months ago
- WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations☆339Updated 3 years ago
- Create fake certs for binaries using windows binaries and the power of bat files☆542Updated 5 months ago
- Collection of C# projects. Useful for pentesting and redteaming.☆292Updated 11 months ago
- Demos for the Blackhat USA 2022 talk "Taking Kerberos to the Next Level"☆256Updated 2 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆412Updated 2 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆441Updated last year
- Manipulating and Abusing Windows Access Tokens.☆262Updated 3 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆681Updated 9 months ago
- Dump NTDS with golden certificates and UnPAC the hash☆612Updated 6 months ago
- Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…☆790Updated 3 years ago
- OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at s…☆496Updated 2 years ago
- VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit☆420Updated 10 months ago