SafeBreach-Labs / SimpleBITSServer
A simple python implementation of a BITS server.
☆103Updated 2 years ago
Related projects: ⓘ
- SCOMDecrypt is a tool to decrypt stored RunAs credentials from SCOM servers☆118Updated 10 months ago
- Code Exec via Excel☆83Updated 7 years ago
- Neutering Sysmon via driver unload☆219Updated last year
- Presentation material presented by Outflank team members at public events.☆177Updated 3 months ago
- A collection of tools to interact with Microsoft Security Response Center API☆95Updated 8 months ago
- Tool for assessing on-premises Microsoft servers authentication such as ADFS, Skype, Exchange, and RDWeb☆139Updated 3 years ago
- .NET 4.0 Console App to browse VMDK / VHD images and extract files☆187Updated 4 years ago
- Scripts for performing and detecting parent PID spoofing☆136Updated 4 years ago
- Simple EDR implementation to demonstrate bypass☆152Updated 4 years ago
- Python based BloodHound data importer☆143Updated last year
- Documentation and supporting script sample for Windows Exploit Guard☆148Updated 2 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆244Updated 3 years ago
- 64bit Windows 10 shellcode that injects all processes with Meterpreter reverse shells.☆127Updated last year
- DLL Password Filter Implant with Exfiltration Capabilities☆133Updated 4 years ago
- ☆200Updated 2 years ago
- ☆76Updated 3 years ago
- Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been se…☆166Updated 4 years ago
- InsecurePowerShell is PowerShell with some security features removed.☆102Updated 6 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET☆143Updated 4 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆105Updated 4 years ago
- Apply a filter to the events being reported by windows event logging☆259Updated 3 years ago
- A repository that maps API calls to Sysmon Event ID's.☆116Updated last year
- AdHoc solutions☆48Updated last year
- ☆78Updated 7 years ago
- Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.☆114Updated 2 years ago
- A repo to support the book☆103Updated 3 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆107Updated 5 years ago
- Registry permission scanner written in C# for finding potential privesc avenues within registry☆84Updated 3 years ago
- ☆122Updated 4 years ago
- Powershell module to get the NetNTLMv2 hash of the current user☆92Updated 2 years ago