Scripts for public use that we've randomly written, or have updated from other people's work.
☆40Jun 25, 2024Updated last year
Alternatives and similar repositories for RandomScripts
Users that are interested in RandomScripts are comparing it to the libraries listed below
Sorting:
- ☆22Jun 21, 2022Updated 3 years ago
- Beacon Object File implementation of Yaxser's Backstab☆15Mar 9, 2022Updated 4 years ago
- Scripts to interact with Microsoft Graph APIs☆45Nov 7, 2024Updated last year
- A tool to assist DLL hijacking via the Havoc GUI☆13Jan 9, 2024Updated 2 years ago
- Havoc plugin allowing in-memory execution of PowerShell cmdlets☆13Dec 14, 2023Updated 2 years ago
- a port of privkit bof for havoc☆23Dec 8, 2023Updated 2 years ago
- ☆25Feb 9, 2022Updated 4 years ago
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12May 8, 2023Updated 2 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆102Jan 7, 2022Updated 4 years ago
- Golang reverse proxy with CobaltStrike malleable profile validation.☆109Jan 19, 2023Updated 3 years ago
- Tiny driver patch to allow kernel callbacks to work on Win10 21h1☆34Feb 7, 2022Updated 4 years ago
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆83Dec 20, 2023Updated 2 years ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆31Jan 14, 2023Updated 3 years ago
- ☆11Dec 8, 2023Updated 2 years ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL☆23Aug 27, 2022Updated 3 years ago
- Parses logs created by Cobalt Strike or Brute Ratel and creates an SQLite DB which can be used to create custom reports.☆24Jan 15, 2026Updated 2 months ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆28Apr 12, 2020Updated 5 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- ☆123Oct 9, 2023Updated 2 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆220Jul 14, 2021Updated 4 years ago
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- Lifetime AMSI bypass☆671Sep 26, 2023Updated 2 years ago
- all credits go to @mgeeky☆65Oct 14, 2021Updated 4 years ago
- An aggressor script for Cobalt Strike to query Windows' GetLastError messages☆18Sep 25, 2022Updated 3 years ago
- Simple BOF to read the protection level of a process☆119May 10, 2023Updated 2 years ago
- Utility to craft HTML or SVG smuggled files for Red Team engagements☆247Mar 19, 2024Updated 2 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆186Jul 21, 2022Updated 3 years ago
- ☆106Nov 10, 2023Updated 2 years ago
- ☆176Mar 27, 2023Updated 2 years ago
- Grab unsaved Notepad contents with a Beacon Object File☆55Jun 19, 2022Updated 3 years ago
- Lifetime AMSI bypass.☆36Apr 21, 2025Updated 10 months ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Jan 6, 2023Updated 3 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆15Feb 13, 2024Updated 2 years ago
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆554Nov 23, 2025Updated 3 months ago
- ☆133Dec 4, 2023Updated 2 years ago
- leaking net-ntlm with webdav☆26Feb 23, 2021Updated 5 years ago
- Lateral Movement☆126Nov 14, 2023Updated 2 years ago
- VisualStudio port of https://github.com/guervild/BOFs/tree/dev/SilentLsassDump☆24Jul 6, 2023Updated 2 years ago
- ☆40May 21, 2022Updated 3 years ago