RedSiege / CIMplantLinks
C# port of WMImplant which uses either CIM or WMI to query remote systems
☆200Updated 3 years ago
Alternatives and similar repositories for CIMplant
Users that are interested in CIMplant are comparing it to the libraries listed below
Sorting:
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆219Updated 2 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆192Updated 3 years ago
- MSBuild without MSbuild.exe☆132Updated 4 years ago
- A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…☆271Updated 2 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…☆265Updated 4 years ago
- Cobalt Strike Beacon Object Files☆161Updated 3 years ago
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.☆147Updated 4 years ago
- My CobaltStrike BOFS☆166Updated 2 years ago
- Spray a hash via smb to check for local administrator access☆143Updated 4 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆124Updated 4 years ago
- ☆134Updated 4 years ago
- ☆113Updated 4 years ago
- CSHARP DCOM Fun☆130Updated 5 years ago
- Executes position independent shellcode from an encrypted zip☆304Updated 4 years ago
- MSBuild Without MSBuild.exe☆157Updated 4 years ago
- .NET implementation of Get-GPPPassword. Retrieves the plaintext password and other information for accounts pushed through Group Policy P…☆173Updated 5 years ago
- Tool for interacting with outlook interop during red team engagements☆144Updated 3 years ago
- C# version of MDSec's ParallelSyscalls☆141Updated 3 years ago
- Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File☆200Updated 4 years ago
- Pass the Hash to a named pipe for token Impersonation☆143Updated 4 years ago
- A little tool to play with Outlook☆208Updated 3 years ago
- SMBExec C# module☆216Updated 4 years ago
- Cobalt Strike Aggressor extension for Visual Studio Code☆134Updated 11 months ago
- ☆176Updated 4 years ago
- Source for tasks I have used with Covenant☆120Updated 4 years ago
- Pass the Hash to a named pipe for token Impersonation☆302Updated last year
- nuke that event log using some epic dinvoke fu☆118Updated 4 years ago
- Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows☆143Updated 4 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆217Updated 5 years ago
- LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript☆338Updated 3 years ago