HavocFramework / Modules
Modules used by the Havoc Framework
☆224Updated 9 months ago
Alternatives and similar repositories for Modules:
Users that are interested in Modules are comparing it to the libraries listed below
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆396Updated 9 months ago
- Extracting NetNTLM without touching lsass.exe☆235Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆287Updated last year
- (Demo) 3rd party agent for Havoc☆134Updated last year
- COM Hijacking VOODOO☆268Updated last week
- Patching AmsiOpenSession by forcing an error branching☆143Updated last year
- Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists☆421Updated last year
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆374Updated 7 months ago
- A BOF to automate common persistence tasks for red teamers☆273Updated 2 years ago
- Collection of UAC Bypass Techniques Weaponized as BOFs☆487Updated last year
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆283Updated 10 months ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆323Updated 8 months ago
- Attempt at Obfuscated version of SharpCollection☆205Updated last month
- Kill AV/EDR leveraging BYOVD attack☆343Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆532Updated 2 months ago
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk☆451Updated 8 months ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆571Updated 8 months ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆296Updated 2 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆320Updated 2 years ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆289Updated last year
- transform your payload into ipv4/ipv6/mac arrays☆169Updated 2 years ago
- A Visual Studio template used to create Cobalt Strike BOFs☆297Updated 3 years ago
- 「💀」Proof of concept on BYOVD attack☆155Updated 3 months ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆214Updated last year
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind☆445Updated last year
- ☆243Updated 2 years ago
- Payload Loader With Evasion Features☆315Updated 2 years ago
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆365Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆319Updated last year
- Terminate AV/EDR Processes using kernel driver☆340Updated last year