SafeBreach-Labs / SimpleBITSServer

Related projects: ⓘ

• nccgroup / SCOMDecrypt
  SCOMDecrypt is a tool to decrypt stored RunAs credentials from SCOM servers
  ☆118Updated 10 months ago
• moohax / xllpoc
  Code Exec via Excel
  ☆83Updated 7 years ago
• matterpreter / Shhmon
  Neutering Sysmon via driver unload
  ☆219Updated last year
• outflanknl / Presentations
  Presentation material presented by Outflank team members at public events.
  ☆177Updated 3 months ago
• Immersive-Labs-Sec / msrc-api
  A collection of tools to interact with Microsoft Security Response Center API
  ☆95Updated 8 months ago
• nccgroup / Carnivore
  Tool for assessing on-premises Microsoft servers authentication such as ADFS, Skype, Exchange, and RDWeb
  ☆139Updated 3 years ago
• leftp / VmdkReader
  .NET 4.0 Console App to browse VMDK / VHD images and extract files
  ☆187Updated 4 years ago
• WithSecureLabs / ppid-spoofing
  Scripts for performing and detecting parent PID spoofing
  ☆136Updated 4 years ago
• CCob / SylantStrike
  Simple EDR implementation to demonstrate bypass
  ☆152Updated 4 years ago
• fox-it / bloodhound-import
  Python based BloodHound data importer
  ☆143Updated last year
• palantir / exploitguard
  Documentation and supporting script sample for Windows Exploit Guard
  ☆148Updated 2 years ago
• bohops / GhostBuild
  GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects
  ☆244Updated 3 years ago
• boku7 / winx64-InjectAllProcessesMeterpreter-Shellcode
  64bit Windows 10 shellcode that injects all processes with Meterpreter reverse shells.
  ☆127Updated last year
• GoSecure / DLLPasswordFilterImplant
  DLL Password Filter Implant with Exfiltration Capabilities
  ☆133Updated 4 years ago
• Allevon412 / TeamsImplant
  ☆200Updated 2 years ago
• dirkjanm / ROADtoken
  ☆76Updated 3 years ago
• violentlydave / mkhtaccess_red
  Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been se…
  ☆166Updated 4 years ago
• cobbr / InsecurePowerShell
  InsecurePowerShell is PowerShell with some security features removed.
  ☆102Updated 6 years ago
• FuzzySecurity / BlueHatIL-2020
  BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET
  ☆143Updated 4 years ago
• SpiderLabs / SCShell
  Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
  ☆105Updated 4 years ago
• bats3c / EvtMute
  Apply a filter to the events being reported by windows event logging
  ☆259Updated 3 years ago
• jsecurity101 / Windows-API-To-Sysmon-Events
  A repository that maps API calls to Sysmon Event ID's.
  ☆116Updated last year
• DidierStevens / AdHoc
  AdHoc solutions
  ☆48Updated last year
• n0pe-sled / WMI-Persistence
  ☆78Updated 7 years ago
• bohops / RogueAssemblyHunter
  Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.
  ☆114Updated 2 years ago
• ahhh / Cybersecurity-Tradecraft
  A repo to support the book
  ☆103Updated 3 years ago
• mkorman90 / sysmon-config-bypass-finder
  Detect possible sysmon logging bypasses given a specific configuration
  ☆107Updated 5 years ago
• deadjakk / Reg1c1de
  Registry permission scanner written in C# for finding potential privesc avenues within registry
  ☆84Updated 3 years ago
• mdsecactivebreach / sitrep
  ☆122Updated 4 years ago
• elnerd / Get-NetNTLM
  Powershell module to get the NetNTLMv2 hash of the current user
  ☆92Updated 2 years ago