TartarusLabs / ExpeditusLinks
Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.
☆13Updated 3 years ago
Alternatives and similar repositories for Expeditus
Users that are interested in Expeditus are comparing it to the libraries listed below
Sorting:
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)☆25Updated 2 years ago
- A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just do…☆53Updated 7 years ago
- C2 redirector as a web API☆10Updated 4 years ago
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.☆41Updated 4 years ago
- cobalt strike tools☆31Updated 4 years ago
- Bypass AMSI via PowerShell by splitting a file into multiple chunks☆53Updated 4 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Updated 5 years ago
- Covenant is a collaborative .NET C2 framework for red teamers.☆13Updated 3 years ago
- Scripts for public use that we've randomly written, or have updated from other people's work.☆40Updated last year
- Code samples of .NET shellcode injections, weaponized for use via WebDav and mshta.exe.☆37Updated 5 years ago
- The Hunt for Malicious Strings☆13Updated 5 years ago
- C# port of the Get-AppLockerPolicy PS cmdlet☆100Updated 3 years ago
- Weaponizing CLRvoyance for Post-Ex .NET Execution☆38Updated 4 years ago
- IOXIDResolver from AirBus Security/PingCastle☆51Updated 5 years ago
- load dumped csharp binaries as assemblies and launch them in memory☆28Updated last year
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Updated 3 years ago
- Reverse TCP Powershell has never been this paranoid. (basically an Opsec-safe reverse powershell)☆30Updated 3 years ago
- A curated list of tools and techniques written from experience in weaponization of malware☆39Updated 2 years ago
- Generate Apache mod_rewrite rules for Mythic C2 profiles☆35Updated 4 years ago
- Eating 2FA for Breakfast☆58Updated 3 years ago
- Ruby script that calls an almost interactive shell via WinRM (TCP/5985) on an Windows machine, relaying on a valid Kerberos ticket. (Very…☆18Updated 6 years ago
- ☆60Updated 4 years ago
- Generate droppers with encrypted payloads automatically.☆54Updated 4 years ago
- My doodles as I learn C#☆76Updated 5 years ago
- Malicious Shortcut(.lnk) Generator☆86Updated 7 years ago
- D/Invoke port of UrbanBishop☆108Updated 5 years ago
- Cobalt strike CNA script to notify you via Discord whenever there is a new beacon.☆33Updated 3 years ago
- terraform deployment for red team☆26Updated 3 years ago
- ☆26Updated 4 years ago
- SharpSvc is a simple code set to interact with the SC Manager API and is compatible with Cobalt Strike.☆26Updated 2 years ago