S3N4T0R-0X0 / APT28-Adversary-SimulationView external linksLinks
This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe
☆38Jun 12, 2024Updated last year
Alternatives and similar repositories for APT28-Adversary-Simulation
Users that are interested in APT28-Adversary-Simulation are comparing it to the libraries listed below
Sorting:
- Payload Generation Workflow☆40Jul 18, 2025Updated 6 months ago
- This is a simulation of attack by the Cozy Bear group (APT-29) targeting diplomatic missions☆44Jun 12, 2024Updated last year
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated 11 months ago
- Extra cmdlets to help with quering security related information from Azure☆14Sep 16, 2024Updated last year
- ☆14Sep 26, 2023Updated 2 years ago
- An offensive toolkit for restless guests #DEFCON33☆54Aug 11, 2025Updated 6 months ago
- Using MCP is fun with Cyberbro!☆19Jan 27, 2026Updated 2 weeks ago
- ☆20Apr 10, 2025Updated 10 months ago
- Direct syscalls Injection to bypass AV/EDR☆12May 18, 2024Updated last year
- A curated list of blogs, videos, tutorials, code, tools, scripts, and anything useful to help you learn Azure Policy - by @JesseLoudon☆13Jan 20, 2022Updated 4 years ago
- A tool to assist DLL hijacking via the Havoc GUI☆12Jan 9, 2024Updated 2 years ago
- Evasive Payload Delivery Server & C2 Redirector☆112Nov 3, 2025Updated 3 months ago
- ☆31Aug 13, 2025Updated 6 months ago
- Creating a Bind Shell in C☆18Aug 21, 2023Updated 2 years ago
- OneDrive, operating on Microsoft Windows 11 Pro is vulnerable to DLL hijacking.☆21Nov 9, 2023Updated 2 years ago
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆37Mar 15, 2023Updated 2 years ago
- A powerful shell script for creating custom WSL (Windows Subsystem for Linux) distributions with embedded payloads.☆71Nov 16, 2025Updated 2 months ago
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.☆43May 24, 2021Updated 4 years ago
- Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…☆34Feb 6, 2026Updated last week
- PowerShell Memory Pulling script☆19Mar 24, 2015Updated 10 years ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆51May 8, 2024Updated last year
- This repository contains the analysis reports, technical details or any tools created for helping in malware analysis. Additionally, the …☆23Jun 17, 2025Updated 7 months ago
- Various AD tools needed for penetration testing in one place.☆24Jul 13, 2023Updated 2 years ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆28Sep 18, 2024Updated last year
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆101Jan 10, 2026Updated last month
- SQL Injection without the pain of syringes.☆25Apr 20, 2017Updated 8 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆58Oct 10, 2022Updated 3 years ago
- BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…☆92Jan 14, 2026Updated last month
- XVG TOR Electrum Client for connecting to the VERGE XVG TOR Electrum Server☆28Oct 14, 2023Updated 2 years ago
- Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130☆52Sep 13, 2025Updated 5 months ago
- Evtx Log (xml) Browser☆56Mar 12, 2023Updated 2 years ago
- Detect userland hooks placed by AV/EDR☆28Sep 4, 2023Updated 2 years ago
- ☆26Apr 1, 2022Updated 3 years ago
- ☆27Nov 7, 2023Updated 2 years ago
- ☆209Nov 28, 2023Updated 2 years ago
- (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs.☆132Sep 4, 2025Updated 5 months ago
- A collection of Cortana scripts that you may use with Armitage and Cobalt Strike.☆12Jun 20, 2016Updated 9 years ago
- PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are rela…☆43Jul 9, 2025Updated 7 months ago