Mr-Un1k0d3r / Windows-SignedBinary
☆253Updated 6 years ago
Alternatives and similar repositories for Windows-SignedBinary:
Users that are interested in Windows-SignedBinary are comparing it to the libraries listed below
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆248Updated 4 years ago
- Lateral Movement technique using DCOM and HTA☆233Updated 2 years ago
- lateral movement techniques that can be used during red team exercises☆271Updated 5 years ago
- Evading WinDefender ATP credential-theft☆255Updated 5 years ago
- Collection of awesome Cobalt Strike Aggressor Scripts. All credit due to the authors☆154Updated 6 years ago
- DEPRECATED SharpRoast is a C# port of various PowerView's Kerberoasting functionality.☆252Updated 6 years ago
- Shellcoding utilities☆222Updated 4 years ago
- DLL Generator for side loading attack☆171Updated 6 years ago
- Recon-AD, an AD recon tool based on ADSI and reflective DLL’s☆327Updated 5 years ago
- Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been se…☆168Updated 4 years ago
- Trigen is a Python script which uses different combinations of Win32 function calls in generated VBA to execute shellcode.☆204Updated 7 years ago
- A simple script to generate JScript code for calling Win32 API functions using XLM/Excel 4.0 macros via Excel.Application "ExecuteExcel4M…☆90Updated 5 years ago
- Quick Malicious ClickOnceGenerator for Red Team☆249Updated 4 years ago
- Custom Metasploit post module to executing a .NET Assembly from Meterpreter session☆346Updated 4 years ago
- Elite is the client-side component of the Covenant project. Covenant is a .NET command and control framework that aims to highlight the a…☆121Updated last year
- The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into a…☆345Updated 5 months ago
- Create a minidump of the LSASS process from memory☆260Updated 2 years ago
- Apply a filter to the events being reported by windows event logging☆261Updated 4 years ago
- ☆79Updated 8 years ago
- CSHARP DCOM Fun☆128Updated 5 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆216Updated 5 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆241Updated 3 years ago
- A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…☆268Updated 2 years ago
- Tools for discovery and abuse of COM hijacks☆306Updated 5 years ago
- Automated script for setting up CobaltStrike redirectors (nginx reverse proxy, letsencrypt)☆143Updated 7 years ago
- Scripts for performing and detecting parent PID spoofing☆146Updated 4 years ago
- Python api for usage with cobalt strike's External C2 specification☆236Updated 2 years ago
- Collection of scripts, binaries and the like to aid in WhiteList Evasion on a Microsoft Windows Network.☆129Updated 9 years ago
- Neutering Sysmon via driver unload☆228Updated 2 years ago
- Assorted scripts and one off things☆268Updated 8 months ago