S3N4T0R-0X0 / APT29-Adversary-Simulation
This is a simulation of attack by the Cozy Bear group (APT-29) targeting diplomatic missions
☆30Updated 7 months ago
Alternatives and similar repositories for APT29-Adversary-Simulation:
Users that are interested in APT29-Adversary-Simulation are comparing it to the libraries listed below
- Two in one, patch lifetime powershell console, no more etw and amsi!☆84Updated 6 months ago
- ☆58Updated 9 months ago
- Inject RDPThief into memory with PowerShell.☆58Updated 3 months ago
- Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)☆60Updated 7 months ago
- Lateral Movement☆122Updated last year
- Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise☆79Updated last year
- A C2 framework built for my bachelors thesis☆55Updated 2 months ago
- Example code samples from our ScriptBlock Smuggling Blog post☆87Updated 7 months ago
- Lifetime AMSI bypass.�☆35Updated 6 months ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆39Updated 7 months ago
- Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.☆78Updated 4 months ago
- GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…☆29Updated last month
- PowerShell Reverse Shell☆61Updated last year
- Source code and examples for PassiveAggression.☆54Updated 7 months ago
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆55Updated last year
- ☆34Updated last year
- ☆54Updated 2 months ago
- ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminatin…☆65Updated this week
- Duplicate not owned Token from Running Process☆72Updated last year
- BloodHound PowerShell client☆48Updated 3 months ago
- Adversary Emulation Framework☆61Updated 5 months ago
- Continuous password spraying tool☆121Updated last month
- ☆92Updated 10 months ago
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆78Updated last year
- MailSecOps is an email and mail gateway security testing tool. With this script, you can perform mail spoofing, relay tests and security …☆50Updated last month
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆175Updated 2 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆141Updated 5 months ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆46Updated 8 months ago
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆152Updated last month
- ☆32Updated last month