Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.
☆30Jun 7, 2023Updated 2 years ago
Alternatives and similar repositories for kernel-mii
Users that are interested in kernel-mii are comparing it to the libraries listed below
Sorting:
- Cobalt Strike Get clipboard plugin☆15Aug 11, 2023Updated 2 years ago
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- Laz-y project compatible C# templates for shellcode injection.☆20May 1, 2022Updated 3 years ago
- ☆30Jul 18, 2025Updated 7 months ago
- This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…☆23Jul 7, 2022Updated 3 years ago
- ☆142May 4, 2022Updated 3 years ago
- ☆101Aug 23, 2021Updated 4 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆53Dec 21, 2021Updated 4 years ago
- ☆61Aug 30, 2021Updated 4 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 2 years ago
- A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.☆459Mar 25, 2024Updated last year
- ☆121Jun 17, 2022Updated 3 years ago
- Small POC for process ghosting☆40Feb 1, 2022Updated 4 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- CNA that interacts with a JAR file to dynamically rename GUI tabs within Cobalt Strike from a JSON file.☆25May 23, 2022Updated 3 years ago
- Strstr with user-supplied needle and filename as a BOF.☆32Sep 27, 2021Updated 4 years ago
- C# Data Collector for the BloodHound Project, Version 3☆37Dec 28, 2021Updated 4 years ago
- ☆74Jun 17, 2025Updated 8 months ago
- An aggressor script for Cobalt Strike to query Windows' GetLastError messages☆18Sep 25, 2022Updated 3 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆109Oct 10, 2021Updated 4 years ago
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team.☆12Mar 27, 2019Updated 6 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆101Mar 27, 2022Updated 3 years ago
- LibreHealth v2.0.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) …☆13Jul 19, 2020Updated 5 years ago
- \ PowerAvails Powershell /☆10Jun 30, 2018Updated 7 years ago
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆143Sep 24, 2021Updated 4 years ago
- Zoom Persistence Aggressor and Handler☆55Mar 24, 2021Updated 4 years ago
- This aggressor script uses a beacon's note field to indicate the health status of a beacon.☆141Sep 29, 2021Updated 4 years ago
- ☆36May 27, 2024Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Jan 6, 2023Updated 3 years ago
- 改造一个基于jrmp的AMF反序列化利用工具☆16Jul 7, 2022Updated 3 years ago
- ☆12Jun 29, 2021Updated 4 years ago
- A collection of various tools for red-teaming exercises. A mix of C#, Powershell, & Python☆108Jul 26, 2024Updated last year
- Some rules, scripts of some use to us☆11Oct 25, 2024Updated last year
- A script used to query the dehashed API and filter for more useful results☆16Jun 20, 2021Updated 4 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆429Jul 22, 2022Updated 3 years ago
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆116Nov 19, 2022Updated 3 years ago
- Inject .NET assemblies into an existing process☆508Jan 19, 2022Updated 4 years ago
- ☆28May 9, 2022Updated 3 years ago
- .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added).☆29Jun 14, 2022Updated 3 years ago