Mr-B0b / SpaceRunnerLinks
This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes through the use of runspace.
☆196Updated 4 years ago
Alternatives and similar repositories for SpaceRunner
Users that are interested in SpaceRunner are comparing it to the libraries listed below
Sorting:
- SharpSpray a simple code set to perform a password spraying attack against all users of a domain using LDAP and is compatible with Cobalt…☆196Updated 6 years ago
- C# port of WMImplant which uses either CIM or WMI to query remote systems☆201Updated 4 years ago
- Miscellaneous Tools☆268Updated 4 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆192Updated 4 years ago
- Executes position independent shellcode from an encrypted zip☆304Updated 4 years ago
- ☆135Updated 4 years ago
- .NET implementation of Get-GPPPassword. Retrieves the plaintext password and other information for accounts pushed through Group Policy P…☆174Updated 5 years ago
- Create a minidump of the LSASS process from memory☆260Updated 2 years ago
- SMBExec C# module☆216Updated 4 years ago
- Dump stuff without touching disk☆164Updated 4 years ago
- Run Rubeus via Rundll32☆202Updated 5 years ago
- Find specific users in active directory via their username and logon IP address☆385Updated 5 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…☆265Updated 4 years ago
- A little tool to play with Outlook☆208Updated 3 years ago
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.☆147Updated 4 years ago
- A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…☆272Updated 2 years ago
- Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)☆193Updated 4 years ago
- C# Wrapper around Chisel from https://github.com/jpillora/chisel☆158Updated 2 years ago
- .NET 4.0 WinRM API Command Execution☆163Updated 4 years ago
- A C# implementation of RDPThief to steal credentials from RDP.☆163Updated 4 years ago
- .NET 4.0 Project to interact with video, audio and keyboard hardware.☆217Updated 5 years ago
- A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object☆239Updated 5 years ago
- ☆177Updated 4 years ago
- Collection of tested Cobaltstrike aggressor scripts.☆118Updated 5 years ago
- Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows☆143Updated 5 years ago
- Print Spooler Named Pipe Impersonation for Cobalt Strike☆263Updated 5 years ago
- dem sharp donuts☆199Updated 2 years ago
- C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection☆246Updated 4 years ago
- Source for tasks I have used with Covenant☆120Updated 4 years ago
- ☆185Updated 4 years ago