Modifies machine.config for persistence after installing signed .net assembly onto GAC
☆13Mar 17, 2022Updated 4 years ago
Alternatives and similar repositories for ConfigPersist
Users that are interested in ConfigPersist are comparing it to the libraries listed below
Sorting:
- Simple Aggressor Scripts for Cobalt Strike☆13Sep 24, 2020Updated 5 years ago
- .NET 4.0 Fast Directory / File Lister☆27Sep 25, 2020Updated 5 years ago
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 5 years ago
- ☆37Jun 27, 2020Updated 5 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Aug 29, 2021Updated 4 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆53May 21, 2020Updated 5 years ago
- idk man this was the default github name☆35Apr 23, 2023Updated 2 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- ☆44Oct 16, 2023Updated 2 years ago
- A *very* imperfect attempt to correlate Kernel32 function calls to native API (Nt/Zw) counterparts/execution flow.☆28Dec 16, 2021Updated 4 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- Hunting for Microsoft Exchange the LDAP Way.☆35Oct 30, 2019Updated 6 years ago
- A Cobalt Strike Aggressor script to generate GadgetToJScript payloads☆101Sep 30, 2020Updated 5 years ago
- .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems☆36Dec 9, 2019Updated 6 years ago
- ☆12Aug 10, 2019Updated 6 years ago
- DInvisibleRegistry☆83Nov 20, 2020Updated 5 years ago
- OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…☆13Oct 27, 2024Updated last year
- ☆34Jul 23, 2018Updated 7 years ago
- Just a git repo for the sleepmask detection rule i found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-…☆16Jun 4, 2025Updated 9 months ago
- ☆12Jul 2, 2023Updated 2 years ago
- ☆23May 28, 2021Updated 4 years ago
- ☆17Dec 1, 2019Updated 6 years ago
- An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/ma…☆24Jun 17, 2020Updated 5 years ago
- API hashing written in C to load APIs indirectly using CRC32 hashing☆15Jul 27, 2020Updated 5 years ago
- ☆11Jul 16, 2017Updated 8 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆121Jun 24, 2020Updated 5 years ago
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆34Sep 15, 2022Updated 3 years ago
- A quick tool for hiding a new process running shellcode.☆57Jun 10, 2020Updated 5 years ago
- Impacket is a collection of Python classes for working with network protocols.☆17Feb 3, 2026Updated last month
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆31Nov 9, 2021Updated 4 years ago
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 6 months ago
- Simple powershell script to find living off land binaries and scripts on a system.☆22Aug 24, 2019Updated 6 years ago
- Cloak files using text based steganography output to obsfucate what data they contain. Coded in Powershell. This is a port of TryCatchH…☆44Feb 6, 2021Updated 5 years ago
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯☆38Dec 13, 2020Updated 5 years ago
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆140Nov 4, 2020Updated 5 years ago
- ☆31Jul 26, 2024Updated last year
- An azure devops tool for moar automation :D☆19Dec 8, 2022Updated 3 years ago