Ne0nd0g / merlin-agent-dll

Related projects ⓘ

Alternatives and complementary repositories for merlin-agent-dll

• LuxNoBulIshit / Smug_Fu3k
  ☆51Updated 2 years ago
• CodeXTF2 / cobaltstrike-headless
  Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.
  ☆147Updated 2 years ago
• RedSiege / DigDug
  ☆70Updated 3 months ago
• xpn / ntlmquic
  POC tools for exploring SMB over QUIC protocol
  ☆121Updated 2 years ago
• sfewer-r7 / CVE-2023-27532
  Exploit for CVE-2023-27532 against Veeam Backup & Replication
  ☆102Updated last year
• D00Movenok / goMalleable
  🔎🪲 Malleable C2 profiles parser and assembler written in golang
  ☆59Updated 5 months ago
• CodeXTF2 / PyHmmm
  Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …
  ☆78Updated last year
• xforcered / Detect-Hooks
  Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR
  ☆97Updated 3 years ago
• calebsargent / GoProcDump
  Golng version of SharpDump that can be used to extract LSASS or any other proces. Provides token elevation prior to creating dump of high…
  ☆21Updated 4 years ago
• MythicC2Profiles / http
  Simple HTTP async comms using standard GET/POST requests
  ☆29Updated last month
• klezVirus / SharpLdapRelayScan
  C# Port of LdapRelayScan
  ☆77Updated 2 years ago
• san3ncrypt3d / AESShellCodeInjector
  This program will take encrypted shell code and decrypt it in run time and inject it into another process
  ☆29Updated 2 years ago
• Wh04m1001 / DiagTrackEoP
  ☆89Updated 2 years ago
• praetorian-inc / ADFSRelay
  Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS
  ☆173Updated 2 years ago
• praetorian-inc / NTLMRecon
  A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.
  ☆79Updated 10 months ago
• netero1010 / Quser-BOF
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆83Updated last year
• snovvcrash / MirrorDump
  Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…
  ☆102Updated 2 years ago
• vonahisec / CVE-2022-47966-Scan
  Python scanner for CVE-2022-47966. Supports ~10 of the 24 affected products.
  ☆26Updated last year
• LuemmelSec / ntlmrelayx.py_to_exe
  ☆77Updated last year
• magnusstubman / tokenduplicator
  Tool to start processes as SYSTEM using token duplication
  ☆37Updated 4 years ago
• susMdT / SharpAgent
  C# havoc implant
  ☆96Updated last year
• iammaguire / Gotato
  Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.
  ☆111Updated 3 years ago
• 0xsp-SRD / 0xsp.com
  a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab
  ☆53Updated 6 months ago
• hrtywhy / BOF-CobaltStrike
  Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.
  ☆75Updated 2 years ago
• FalconForceTeam / BOF2shellcode
  POC tool to convert CobaltStrike BOF files to raw shellcode
  ☆173Updated 3 years ago
• RomanRII / jenkins-strike
  Cobalt Strike profile generator using Jenkins to automate the heavy lifting
  ☆34Updated last year
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• An00bRektn / gopher47
  A third-party Gopher Assassin for the Havoc Framework.
  ☆44Updated 10 months ago
• KINGSABRI / AssemblyLoader
  Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly()
  ☆32Updated 3 years ago