☆53Jun 28, 2025Updated 8 months ago
Alternatives and similar repositories for SCCMDecryptor-BOF
Users that are interested in SCCMDecryptor-BOF are comparing it to the libraries listed below
Sorting:
- PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph☆24Aug 2, 2025Updated 7 months ago
- .NET Assembly that creates network shares,sets ACE entries for directories, sets share perms, and deletes shares. Learning project for C#☆10Oct 14, 2024Updated last year
- ☆41Oct 8, 2024Updated last year
- dcsync bof☆46Feb 13, 2026Updated last month
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- BOF to steal Teams cookies☆124Nov 2, 2025Updated 4 months ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆93Jan 8, 2025Updated last year
- ☆147Nov 6, 2025Updated 4 months ago
- ELF Beacon Object File (BOF) Template☆19Nov 18, 2024Updated last year
- List web account manager (WAM) accounts added to the current profile☆24Dec 11, 2025Updated 3 months ago
- ☆133Dec 4, 2023Updated 2 years ago
- ☆160Apr 17, 2024Updated last year
- ☆16Dec 7, 2025Updated 3 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 11 months ago
- Lateral movement with DCOM DLL hijacking☆176Jul 4, 2025Updated 8 months ago
- RPC to WebClient startup☆57Aug 19, 2025Updated 7 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆199Nov 4, 2025Updated 4 months ago
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- Docker container for running CobaltStrike 4.7 and above☆24Mar 20, 2025Updated last year
- Enumerate Domain Users Without Authentication☆282Apr 22, 2025Updated 10 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated 2 months ago
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆78Oct 27, 2025Updated 4 months ago
- Dynamically resolve API function addresses at runtime in a secure manner.☆73Nov 11, 2025Updated 4 months ago
- A Python POC for CRED1 over SOCKS5☆165Oct 5, 2024Updated last year
- Comprehensive logging of all terminal input and output for each session based on Asciinema and wild zsh + Python scripting.☆42Jan 6, 2026Updated 2 months ago
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆37Aug 5, 2025Updated 7 months ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆158Mar 26, 2025Updated 11 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆65Jan 5, 2026Updated 2 months ago
- A PoC UDRL for Cobalt Strike built with Crystal Palace that combines Raphael Mudge's page streaming technique with a modular call gate (D…☆107Jan 21, 2026Updated last month
- Parses Snaffler output file and generate beautified outputs.☆137Jan 4, 2026Updated 2 months ago
- ☆127Jan 23, 2025Updated last year
- ☆50Jun 4, 2025Updated 9 months ago
- ☆176Mar 27, 2023Updated 2 years ago
- ☆81Mar 11, 2026Updated last week
- A Crystal Palace shared library to resolve & perform syscalls☆58Oct 29, 2025Updated 4 months ago
- A portable C# utility for enumerating local and remote windows sessions☆57Jan 1, 2026Updated 2 months ago
- ☆139Jan 16, 2025Updated last year