GhostPack / KohLinks
The Token Stealer
☆496Updated 2 years ago
Alternatives and similar repositories for Koh
Users that are interested in Koh are comparing it to the libraries listed below
Sorting:
- A Payload Loader Designed With Advanced Evasion Features☆512Updated 2 years ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆928Updated 11 months ago
- Lifetime AMSI bypass☆627Updated last year
- .NET project for installing Persistence☆477Updated 11 months ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆744Updated last year
- A .NET Framework 4.0 Windows Agent☆478Updated last week
- OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at s…☆526Updated 2 years ago
- Stop Defender Service using C# via Token Impersonation☆171Updated 3 years ago
- WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations☆363Updated 4 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆465Updated 2 years ago
- NTLM relaying for Windows made easy☆567Updated 2 years ago
- .NET Project for performing Authenticated Remote Execution☆397Updated 2 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆546Updated 2 years ago
- C# Based Universal API Unhooker☆404Updated 3 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆460Updated 2 years ago
- Collection of remote authentication triggers in C#☆488Updated last year
- Framework for Kerberos relaying☆914Updated 3 years ago
- Manipulating and Abusing Windows Access Tokens.☆277Updated 4 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆424Updated 2 years ago
- A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.☆454Updated last year
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆844Updated 2 years ago
- JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.☆308Updated 9 months ago
- Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts wa…☆965Updated 2 weeks ago
- A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) wit…☆534Updated 4 months ago
- Dump NTDS with golden certificates and UnPAC the hash☆635Updated last year
- Collection of C# projects. Useful for pentesting and redteaming.☆306Updated last year
- ☆409Updated last year
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads☆382Updated 3 years ago
- Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…☆862Updated 4 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆772Updated last year