SpiderLabs / SCShell
Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
☆106Updated 5 years ago
Alternatives and similar repositories for SCShell:
Users that are interested in SCShell are comparing it to the libraries listed below
- Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been se…☆167Updated 4 years ago
- An Insider Threat Toolkit☆149Updated 6 years ago
- lateral movement techniques that can be used during red team exercises☆270Updated 5 years ago
- A HTA shell to assist with breakout assessments.☆112Updated 3 years ago
- A Powershell implementation of PrivExchange designed to run under the current user's context☆124Updated 6 years ago
- Powershell module to get the NetNTLMv2 hash of the current user☆93Updated 2 years ago
- Collection of awesome Cobalt Strike Aggressor Scripts. All credit due to the authors☆151Updated 6 years ago
- Tool that automates Active Directory enumeration☆89Updated 3 years ago
- Slides from my talk in "Hackinparis" 2019 edition☆91Updated 5 years ago
- Pypykatz agent implemented in .NET☆86Updated 6 years ago
- ☆125Updated 4 years ago
- C# Targeted Attack Reconnissance Tools☆121Updated 4 years ago
- A collection of files for adding and leveraging custom properties in BloodHound.☆182Updated 5 years ago
- Lateral Movement technique using DCOM and HTA☆231Updated 2 years ago
- Presentation material presented by Outflank team members at public events.☆185Updated 3 months ago
- Constrained Language Mode + AMSI bypass all in one☆156Updated 5 years ago
- CACTUSTORCH: Payload Generation for Adversary Simulations☆75Updated 6 years ago
- Python script for analyis of the "Trust.csv" file generated by Veil PowerView. Provides graph based analysis and output.☆120Updated 4 years ago
- A simple script to generate JScript code for calling Win32 API functions using XLM/Excel 4.0 macros via Excel.Application "ExecuteExcel4M…☆89Updated 5 years ago
- Resources for our Active Directory security workshops☆140Updated 3 years ago
- ☆162Updated 2 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET☆145Updated 5 years ago
- Python script that takes new output from Get-DomainTrustMapping .csvs and outputs graphml. Based on DomainTrustExplorer.☆96Updated last year
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. It will automatically g…☆98Updated 2 years ago
- A C# implementation of PrivExchange by @_dirkjan.☆158Updated 6 years ago
- ☆139Updated 5 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆248Updated 4 years ago
- Check if MS-RPRN is remotely available with powershell/c#☆173Updated 6 years ago
- Generates anti-sandbox analysis HTA files without payloads☆118Updated 8 years ago
- SPF are not as strong as you may think. Red Team tool to send email on behalf of your target corp☆138Updated 4 years ago