P4ral1ax / RetrieverLinks
Basic Linux binary shim method on the passwd binary from the shadow package to steal credentials as they are changed.
☆11Updated 9 months ago
Alternatives and similar repositories for Retriever
Users that are interested in Retriever are comparing it to the libraries listed below
Sorting:
- A prototype malware C2 channel using x509 certificates over mTLS☆152Updated last year
- LD_PRELOAD rootkit☆135Updated last year
- Windows NTLM Authentication Backdoor☆18Updated 3 years ago
- Custom SOCKS proxy for redteam☆12Updated 3 years ago
- Command and Control that uses NTP as the transport protocol.☆21Updated 3 years ago
- Golang tool designed to exfiltrate passwords found via the sshd and su services☆20Updated last year
- Massayo is a small proof-of-concept Rust library which removes AV/EDR hooks in a given system DLL☆65Updated 2 years ago
- ☆105Updated last year
- It's what all the kids are talking about☆12Updated 2 years ago
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆99Updated last year
- Recreation of most of the Raccoon Infostealer's functionality, true to threat intelligence, for safe testing in organizational environmen…☆20Updated 2 years ago
- Offensive Windows security tooling that allows for persistance to the operating system.☆10Updated 4 years ago
- ☆120Updated 4 years ago
- ☆64Updated last year
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆114Updated 11 months ago
- Attack chain emulator. Write recipes for initial access easily☆22Updated 6 months ago
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆116Updated 2 years ago
- Linux process injection PoCs☆30Updated last year
- It's pointy and it hurts!☆126Updated 2 years ago
- A collection of source code, binaries, and compilation scripts designed to bypass detection☆25Updated 2 years ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆120Updated last year
- Bypass Malware Time Delays☆103Updated 2 years ago
- runs sliver command on all hosts, partially based on example in sliver repo☆13Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year
- A PoC packer written in Rust!☆73Updated 3 years ago
- Linux Sleep Obfuscation☆105Updated last year
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆105Updated last year
- A more reliable way of resolving syscall numbers in Windows☆52Updated last year
- Python module for running BOFs☆72Updated 2 years ago
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).☆145Updated 2 years ago