EvilMist is a collection of scripts and utilities designed to support cloud penetration testing & red teaming. The toolkit helps identify misconfigurations, assess privilege-escalation paths, and simulate attack techniques. EvilMist aims to streamline cloud-focused red-team workflows and improve the overall security posture of cloud infrastructu…
☆100Feb 4, 2026Updated 3 weeks ago
Alternatives and similar repositories for EvilMist
Users that are interested in EvilMist are comparing it to the libraries listed below
Sorting:
- Fast Windows post-exploitation wins after initial access.☆29Jan 28, 2026Updated last month
- Overview of MS Defender☆81Feb 20, 2026Updated last week
- A C# tool for extracting information from SCCM PXE boot media.☆49Jan 14, 2026Updated last month
- Network scanning tool designed to detect and report changes in open ports and services over time☆12Oct 16, 2025Updated 4 months ago
- ☆10Apr 8, 2018Updated 7 years ago
- ☆26Apr 1, 2022Updated 3 years ago
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Dec 11, 2023Updated 2 years ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- ☆47Dec 5, 2025Updated 2 months ago
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆11May 17, 2024Updated last year
- PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling.☆31Dec 31, 2025Updated 2 months ago
- CPL remote trigger☆43Dec 28, 2025Updated 2 months ago
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- Dumping App Bound Protected Credentials & Cookies Without Privileges.☆59Nov 4, 2025Updated 3 months ago
- Execute shellcode via ASPNET compiler☆62Oct 2, 2025Updated 4 months ago
- Enhanced, Faster, Better version of the exploit☆25Dec 27, 2025Updated 2 months ago
- BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self assessment.☆45Jul 6, 2025Updated 7 months ago
- CVE-2023-50254: PoC Exploit for Deepin-reader RCE that affects unpatched Deepin Linux Desktops. Deepin Linux's default document reader "d…☆16Dec 22, 2023Updated 2 years ago
- This C# tool sprays for admin access over the entire domain☆88Dec 7, 2025Updated 2 months ago
- Founding is a generator that will create a loader encrypted or obfuscated with different execution types☆127Aug 23, 2025Updated 6 months ago
- ☆26Aug 11, 2025Updated 6 months ago
- P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming…☆33Jul 5, 2025Updated 7 months ago
- ☆17Dec 1, 2022Updated 3 years ago
- AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.☆44Feb 12, 2026Updated 2 weeks ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Aug 13, 2024Updated last year
- Interactive PowerShell framework for testing WMI, COM, LOLBAS, and persistence techniques☆94Dec 28, 2025Updated 2 months ago
- ☆47Feb 12, 2026Updated 2 weeks ago
- Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…☆33Feb 6, 2026Updated 3 weeks ago
- Visualize Microsoft Defender XDR process trees and security events☆33Aug 24, 2025Updated 6 months ago
- An interactive shell to spoof some LOLBins command line☆188Jan 27, 2024Updated 2 years ago
- ☆86Nov 18, 2022Updated 3 years ago
- ☆169Oct 21, 2025Updated 4 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆214Oct 19, 2024Updated last year
- F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable.☆21Feb 12, 2023Updated 3 years ago
- A .NET assembly tracer using Harmony for runtime method interception.☆50Oct 24, 2025Updated 4 months ago
- This is my starred repositories including the description for each tool. Makes search/filter over them easier.☆61Feb 26, 2025Updated last year
- Run payload like a Lazarus Group (UuidFromStringA). C++ implementation☆20Jul 24, 2022Updated 3 years ago
- this repo is for red team process and tools collection☆27Aug 29, 2021Updated 4 years ago
- Chameleon is a polymorphic engine for x86_64 position independent shellcode that has been created out of the need to evade signature-base…☆47Oct 3, 2025Updated 4 months ago