GhostPack / Koh

Related projects: ⓘ

• D1rkMtr / DumpThatLSASS
  ☆469Updated this week
• NUL0x4C / TerraLdr
  A Payload Loader Designed With Advanced Evasion Features
  ☆494Updated last year
• mgeeky / PackMyPayload
  A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…
  ☆843Updated 3 months ago
• optiv / Ivy
  Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …
  ☆734Updated last year
• cube0x0 / KrbRelay
  Framework for Kerberos relaying
  ☆844Updated 2 years ago
• ZeroMemoryEx / Amsi-Killer
  Lifetime AMSI bypass
  ☆577Updated 11 months ago
• D1rkMtr / FilelessRemotePE
  ☆702Updated this week
• MythicAgents / Apollo
  A .NET Framework 4.0 Windows Agent
  ☆443Updated 3 weeks ago
• juliourena / SharpNoPSExec
  Get file less command execution for lateral movement.
  ☆598Updated 2 years ago
• Idov31 / Sandman
  Sandman is a NTP based backdoor for red team engagements in hardened networks.
  ☆766Updated 5 months ago
• pwn1sher / frostbyte
  FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads
  ☆370Updated 2 years ago
• catzsec / ForceAdmin
  ⚡ Create infinite UAC prompts forcing a user to run as admin ⚡
  ☆246Updated last year
• p0dalirius / windows-coerced-authentication-methods
  A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) wit…
  ☆483Updated 6 months ago
• post-cyberlabs / Offensive_tools
  ☆400Updated 9 months ago
• dosxuz / DefenderStop
  Stop Defender Service using C# via Token Impersonation
  ☆171Updated 2 years ago
• ShutdownRepo / pywhisker
  Python version of the C# tool for "Shadow Credentials" attacks
  ☆576Updated last month
• klezVirus / chameleon
  PowerShell Script Obfuscator
  ☆484Updated 10 months ago
• mgeeky / ProtectMyTooling
  Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts wa…
  ☆856Updated 11 months ago
• GoSecure / WSuspicious
  WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations
  ☆339Updated 3 years ago
• jfmaes / LazySign
  Create fake certs for binaries using windows binaries and the power of bat files
  ☆542Updated 5 months ago
• boh / RedCsharp
  Collection of C# projects. Useful for pentesting and redteaming.
  ☆292Updated 11 months ago
• tyranid / blackhat-usa-2022-demos
  Demos for the Blackhat USA 2022 talk "Taking Kerberos to the Next Level"
  ☆256Updated 2 years ago
• xforcered / InvisibilityCloak
  Proof-of-concept obfuscation toolkit for C# post-exploitation tools
  ☆412Updated 2 years ago
• Dec0ne / ShadowSpray
  A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…
  ☆441Updated last year
• S1ckB0y1337 / TokenPlayer
  Manipulating and Abusing Windows Access Tokens.
  ☆262Updated 3 years ago
• FuzzySecurity / StandIn
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆681Updated 9 months ago
• zblurx / certsync
  Dump NTDS with golden certificates and UnPAC the hash
  ☆612Updated 6 months ago
• Flangvik / BetterSafetyKatz
  Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…
  ☆790Updated 3 years ago
• mgeeky / Stracciatella
  OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at s…
  ☆496Updated 2 years ago
• klezVirus / vortex
  VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit
  ☆420Updated 10 months ago