Octoberfest7 / lnk_generator
Small project to facilitate creation of .lnk payloads
☆60Updated last year
Related projects: ⓘ
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago
- C# havoc implant☆90Updated last year
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆74Updated 10 months ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆77Updated last year
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆37Updated 2 years ago
- Slide decks and/or materials from conference presentations☆55Updated last year
- Scripts for public use that we've randomly written, or have updated from other people's work.☆38Updated 2 months ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆60Updated last year
- PowerSploit - A PowerShell Post-Exploitation Framework☆41Updated last year
- ☆42Updated 2 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 2 months ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆50Updated 4 months ago
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.☆11Updated 2 years ago
- ☆69Updated 10 months ago
- a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab☆55Updated 5 months ago
- Python module for running BOFs☆63Updated last year
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)☆21Updated last year
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆84Updated last year
- Token Elevation to authorized user as SYSTEM or Domain Admins☆22Updated last year
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆86Updated 2 years ago
- Leveraging AWS Lambda Function URLs for C2 Redirection☆22Updated last year
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆18Updated last year
- Reasonably undetected shellcode stager and executer.☆34Updated last week
- A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools☆80Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆79Updated last year
- A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.☆72Updated 3 months ago
- ☆24Updated last year
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆53Updated last year
- ☆23Updated last year
- ☆57Updated 9 months ago