Idov31 / MrKaplan
MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.
☆258Updated last year
Alternatives and similar repositories for MrKaplan:
Users that are interested in MrKaplan are comparing it to the libraries listed below
- A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.☆447Updated 11 months ago
- Local privilege escalation via PetitPotam (Abusing impersonate privileges).☆424Updated last year
- Shellcode launcher for AV bypass☆215Updated last year
- Useful C2 techniques and cheatsheets learned from engagements☆474Updated last week
- Materials for the workshop "Red Team Ops: Havoc 101"☆367Updated 5 months ago
- Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.☆358Updated last year
- Awesome AV/EDR/XDR Bypass Tips☆263Updated last year
- This repository contains scripts, configurations and deprecated payload loaders for Brute Ratel C4 (https://bruteratel.com/)☆272Updated 7 months ago
- ☆323Updated last year
- Command and Control Framework written in C#☆394Updated last year
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads☆383Updated 2 years ago
- Go shellcode loader that combines multiple evasion techniques☆362Updated last year
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆395Updated 9 months ago
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆409Updated last year
- Kill AV/EDR leveraging BYOVD attack☆343Updated last year
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆374Updated 7 months ago
- XLL Phishing Tradecraft☆413Updated 2 years ago
- All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming☆228Updated 5 months ago
- Escalate Service Account To LocalSystem via Kerberos☆393Updated last year
- Terminate AV/EDR Processes using kernel driver☆340Updated last year
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,196Updated last year
- Persistence by writing/reading shellcode from Event Log☆367Updated 2 years ago
- Cobalt Strike HTTPS beaconing over Microsoft Graph API☆572Updated 8 months ago
- Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol☆260Updated 2 years ago
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆507Updated 7 months ago
- Fileless Command Execution for Lateral Movement in Nim☆368Updated last year
- Amsi Bypass payload that works on Windwos 11☆376Updated last year
- COM Hijacking VOODOO☆268Updated last week
- UAC Bypass By Abusing Kerberos Tickets☆494Updated last year
- WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement☆365Updated 3 years ago