KINGSABRI / AggressorScripts
A collection of Cobalt Strike aggressor scripts
☆18Updated 4 years ago
Alternatives and similar repositories for AggressorScripts:
Users that are interested in AggressorScripts are comparing it to the libraries listed below
- Collect & Optimize awesome CobaltStrike aggressor scripts, hope to create a All-In-One framework.☆37Updated 5 years ago
- .Net Assembly loader for the [CVE-2021-42287 - CVE-2021-42278] Scanner & Exploit noPac☆61Updated 2 years ago
- PoC to interact with local/remote registry hives through WMI☆85Updated 4 years ago
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆140Updated 3 years ago
- LSASS memory dumper using direct system calls and API unhooking.☆21Updated 4 years ago
- juicypotato for win10 > 1803 & win server 2019☆97Updated 4 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆64Updated last year
- backdoor c2☆38Updated 5 years ago
- SharpBuster is a C# implementation of a directory brute forcing tool. It's designed to be used via Cobalt Strike's execute-assembly and s…☆62Updated 4 years ago
- Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893)☆63Updated 3 years ago
- POC from TestANull for CVE-2021-28482 on Exchange Server☆45Updated 3 years ago
- ☆93Updated 3 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆51Updated 3 years ago
- A Cobalt Strike Aggressor script to generate GadgetToJScript payloads☆102Updated 4 years ago
- ☆70Updated 4 years ago
- CNA that interacts with a JAR file to dynamically rename GUI tabs within Cobalt Strike from a JSON file.☆24Updated 2 years ago
- Yet another LSASS dumper☆76Updated 4 years ago
- CallBack-Techniques for Shellcode execution ported to Nim☆59Updated 4 years ago
- ☆63Updated 3 years ago
- Active Directory certificate abuse.☆38Updated 3 years ago
- A collection of Cobalt Strike Malleable C2 profiles☆35Updated 4 years ago
- List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly☆59Updated 2 years ago
- A little scanner to check the LDAP Signing state☆46Updated 3 years ago
- Pass the Hash to a named pipe for token Impersonation☆143Updated 3 years ago
- .NET 4.0 Scheduled Job Lateral Movement☆90Updated 4 years ago
- Convert Cobalt Strike profiles to IIS web.config files☆112Updated 3 years ago
- Cobalt Strike BOF Files with Nim!☆84Updated 2 years ago
- ☆69Updated 4 years ago
- A spin-off research project. Cobalt Strike x Notion collab 2022☆53Updated 3 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆27Updated 3 years ago