EvilMist is a collection of scripts and utilities designed to support cloud penetration testing & red teaming. The toolkit helps identify misconfigurations, assess privilege-escalation paths, and simulate attack techniques. EvilMist aims to streamline cloud-focused red-team workflows and improve the overall security posture of cloud infrastructu…
☆125Feb 25, 2026Updated 3 weeks ago
Alternatives and similar repositories for EvilMist
Users that are interested in EvilMist are comparing it to the libraries listed below
Sorting:
- Overview of MS Defender☆118Feb 20, 2026Updated last month
- This C# tool sprays for admin access over the entire domain☆90Dec 7, 2025Updated 3 months ago
- Fast Windows post-exploitation wins after initial access.☆29Jan 28, 2026Updated last month
- A C# tool for extracting information from SCCM PXE boot media.☆51Jan 14, 2026Updated 2 months ago
- Run TTPs, with AI!☆107Feb 23, 2026Updated 3 weeks ago
- Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups …☆45Updated this week
- Enhanced, Faster, Better version of the exploit☆25Dec 27, 2025Updated 2 months ago
- PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling.☆32Dec 31, 2025Updated 2 months ago
- A collection of vibe reverse engineered binaries and malware (for educational purposes only)☆40Mar 3, 2026Updated 2 weeks ago
- AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.☆52Mar 13, 2026Updated last week
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- Collection of different Azure/Entra focused solutions (Deployable templates, Function Apps, etc)☆80Mar 12, 2026Updated last week
- Visualize Microsoft Defender XDR process trees and security events☆32Aug 24, 2025Updated 6 months ago
- CPL remote trigger☆43Dec 28, 2025Updated 2 months ago
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆11May 17, 2024Updated last year
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- A .NET assembly tracer using Harmony for runtime method interception.☆50Oct 24, 2025Updated 4 months ago
- ☆47Nov 16, 2023Updated 2 years ago
- Enumerate your Kubernetes cluster with just 1 command☆11Mar 11, 2026Updated last week
- Founding is a generator that will create a loader encrypted or obfuscated with different execution types☆131Aug 23, 2025Updated 6 months ago
- Microsoft Developer Blogs Search Tool☆25Apr 24, 2025Updated 10 months ago
- Azure apim mini proxy☆54Feb 16, 2026Updated last month
- ☆26Apr 1, 2022Updated 3 years ago
- Automated Phishing Tool☆11May 27, 2020Updated 5 years ago
- Nuclei plugin for BurpSuite☆15Nov 29, 2024Updated last year
- Two WinForms GUI tools for enumerating, searching, and exfiltrating data from M365 environments using application-level OAuth tokens☆149Mar 4, 2026Updated 2 weeks ago
- Some security by obscurity using port-jumping.☆14Aug 21, 2025Updated 6 months ago
- Exhaustive search and flexible filtering of Active Directory ACEs.☆77Nov 10, 2025Updated 4 months ago
- Interactive PowerShell framework for testing WMI, COM, LOLBAS, and persistence techniques☆97Dec 28, 2025Updated 2 months ago
- ☆48Dec 5, 2025Updated 3 months ago
- this repo is for red team process and tools collection☆29Aug 29, 2021Updated 4 years ago
- Chameleon is a polymorphic engine for x86_64 position independent shellcode that has been created out of the need to evade signature-base…☆47Oct 3, 2025Updated 5 months ago
- A beginner-friendly collection of Rust notes focused on Red Team Tooling • Malware Development • Systems Programming • Rust Fundamentals☆59Nov 24, 2025Updated 3 months ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆101Jan 10, 2026Updated 2 months ago
- You wonder how to manage your travelers ? In this scenario we describe how to manage them with Identity Governance and Conditional Access…☆11Mar 20, 2024Updated 2 years ago
- A Red Team Activity Hub☆235Mar 5, 2026Updated 2 weeks ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆216Oct 19, 2024Updated last year
- Network scanning tool designed to detect and report changes in open ports and services over time☆13Oct 16, 2025Updated 5 months ago
- An interactive shell to spoof some LOLBins command line☆188Jan 27, 2024Updated 2 years ago