Alternatives and similar repositories for DNSWho

Users that are interested in DNSWho are comparing it to the libraries listed below

• med0x2e / NoAmci

  View on GitHub
  Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().
  ☆218Mar 5, 2020Updated 5 years ago
• mhaskar / MalleableC2-Profiles

  View on GitHub
  A collection of Cobalt Strike Malleable C2 profiles
  ☆36Oct 13, 2020Updated 5 years ago
• RedCursorSecurityConsulting / SharpHashSpray

  View on GitHub
  An execute-assembly compatible tool for spraying local admin hashes on an Active Directory domain.
  ☆19Apr 30, 2021Updated 4 years ago
• byt3bl33d3r / BOF-Nim

  View on GitHub
  Cobalt Strike BOF Files with Nim!
  ☆86Jul 10, 2022Updated 3 years ago
• outflanknl / WdToggle

  View on GitHub
  A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
  ☆220May 3, 2023Updated 2 years ago
• timwhitez / Doge-BlockDLLs

  View on GitHub
  Preventing 3rd Party DLLs from Injecting into your Malware
  ☆25Aug 31, 2021Updated 4 years ago
• Ridter / SharpAddDomainMachine

  View on GitHub
  SharpAddDomainMachine
  ☆69Oct 12, 2021Updated 4 years ago
• S3cur3Th1sSh1t / SyscallAmsiScanBufferBypass

  View on GitHub
  AmsiScanBufferBypass using D/Invoke
  ☆136Jun 17, 2021Updated 4 years ago
• EncodeGroup / UAC-SilentClean

  View on GitHub
  New UAC bypass for Silent Cleanup for CobaltStrike
  ☆191Jul 14, 2021Updated 4 years ago
• S3cur3Th1sSh1t / SharpLigolo

  View on GitHub
  C# wrapper for ligolo
  ☆17Dec 9, 2021Updated 4 years ago
• crawl3r / FunWithAMSI

  View on GitHub
  A repo to hold any bypasses I work on/study/whatever
  ☆19Dec 30, 2020Updated 5 years ago
• dtrizna / DInvoke_PoC

  View on GitHub
  Hardened Proof of Concept of D/Invoke Process Injection malware
  ☆42Jul 23, 2020Updated 5 years ago
• connormcgarr / tgtdelegation

  View on GitHub
  tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"
  ☆178Nov 26, 2021Updated 4 years ago
• RalfHacker / ExchangeCheckPack

  View on GitHub
  ☆10Jun 26, 2024Updated last year
• cube0x0 / CVE-2020-1472

  View on GitHub
  ☆38Sep 14, 2020Updated 5 years ago
• Gr1mmie / SharpShellCodeObfus

  View on GitHub
  Caeser Cipher your shellcode!
  ☆21Mar 11, 2022Updated 3 years ago
• pkb1s / SharpAllowedToAct

  View on GitHub
  Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)
  ☆197Feb 1, 2021Updated 5 years ago
• rsmudge / unhook-bof

  View on GitHub
  Remove API hooks from a Beacon process.
  ☆282Sep 18, 2021Updated 4 years ago
• mobdk / Zeta

  View on GitHub
  Using "svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc" as trigger
  ☆58Oct 7, 2020Updated 5 years ago
• aahmad097 / ZoomPersistence

  View on GitHub
  Zoom Persistence Aggressor and Handler
  ☆55Mar 24, 2021Updated 4 years ago
• RedSiege / Screenshooter

  View on GitHub
  C# program to take a full size screenshot or a recording of the user's desktop. Takes in 0-3 flags
  ☆83Oct 2, 2020Updated 5 years ago
• rabidang3ls / HTTPsC2DoneRight

  View on GitHub
  Slightly modified version of https://raw.githubusercontent.com/killswitch-GUI/CobaltStrike-ToolKit/master/HTTPsC2DoneRight.sh
  ☆12Nov 16, 2017Updated 8 years ago
• secgroundzero / hashslack

  View on GitHub
  Small utility script to notify via Slack about Hashcat's progress during a password cracking session
  ☆10Mar 10, 2019Updated 6 years ago
• mobdk / VBA-DLL-WMI-EXECUTION

  View on GitHub
  Call your own DLL from VBA and execute code under process svchost.exe with WMI
  ☆12Mar 6, 2020Updated 5 years ago
• NocteDefensor / Sharelord

  View on GitHub
  .NET Assembly that creates network shares,sets ACE entries for directories, sets share perms, and deletes shares. Learning project for C#
  ☆10Oct 14, 2024Updated last year
• CCob / MirrorDump

  View on GitHub
  Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…
  ☆269Mar 18, 2021Updated 4 years ago
• Hackcraft-Labs / SharpShares

  View on GitHub
  Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
  ☆34Nov 13, 2023Updated 2 years ago
• pwn1sher / CS-BOFs

  View on GitHub
  Collection of CobaltStrike beacon object files
  ☆105Feb 14, 2022Updated 4 years ago
• forrest-orr / artifacts-kit

  View on GitHub
  Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windo…
  ☆233Mar 18, 2024Updated last year
• mdsecactivebreach / CloneVault

  View on GitHub
  ☆71Nov 20, 2020Updated 5 years ago
• 3xpl01tc0d3r / Obfuscator

  View on GitHub
  The program is designed to obfuscate the shellcode.
  ☆202Jul 13, 2021Updated 4 years ago
• CUHKJason / BOF-klist

  View on GitHub
  A simple BOF implementation of klist using Windows API
  ☆32Jul 7, 2022Updated 3 years ago
• mez-0 / MoveScheduler

  View on GitHub
  .NET 4.0 Scheduled Job Lateral Movement
  ☆90Aug 25, 2020Updated 5 years ago
• tothi / malicious-service

  View on GitHub
  Minimal Windows Service Template for demonstrating privilege escalation via weak service executable permissions
  ☆14Nov 13, 2022Updated 3 years ago
• shantanu561993 / ParentProcessIDSpoof

  View on GitHub
  Spoof parent process ID
  ☆13Jan 23, 2019Updated 7 years ago
• WayneJLee / CsharpAmsiBypass

  View on GitHub
  C# loader for msfvenom shellcode with AMSI bypass
  ☆34Jun 13, 2020Updated 5 years ago
• Flangvik / AzureC2Relay

  View on GitHub
  AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Co…
  ☆233Feb 15, 2021Updated 5 years ago
• jsecu / CredManBOF

  View on GitHub
  ☆99Sep 20, 2021Updated 4 years ago
• mez-0 / DecryptRDCManager

  View on GitHub
  .NET 4.0 Remote Desktop Manager Password Gatherer
  ☆81Sep 29, 2020Updated 5 years ago