TartarusLabs / ExpeditusLinks
Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.
☆13Updated 3 years ago
Alternatives and similar repositories for Expeditus
Users that are interested in Expeditus are comparing it to the libraries listed below
Sorting:
- Covenant is a collaborative .NET C2 framework for red teamers.☆13Updated 3 years ago
- C2 redirector as a web API☆10Updated 4 years ago
- A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just do…☆53Updated 7 years ago
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)☆25Updated 2 years ago
- cobalt strike tools☆31Updated 4 years ago
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.☆41Updated 4 years ago
- The Hunt for Malicious Strings☆13Updated 5 years ago
- Scripts for public use that we've randomly written, or have updated from other people's work.☆40Updated last year
- Weaponizing CLRvoyance for Post-Ex .NET Execution☆39Updated 4 years ago
- A curated list of tools and techniques written from experience in weaponization of malware☆39Updated 2 years ago
- Code samples of .NET shellcode injections, weaponized for use via WebDav and mshta.exe.☆37Updated 5 years ago
- The repository that complements the From zero to hero: creating a reflective loader in C# workshop☆39Updated 4 years ago
- Generate droppers with encrypted payloads automatically.☆54Updated 4 years ago
- ☆26Updated 4 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Updated 5 years ago
- ☆12Updated 6 years ago
- Collection of Offensive C# Tooling☆13Updated 4 years ago
- C# port of the Get-AppLockerPolicy PS cmdlet☆100Updated 3 years ago
- load dumped csharp binaries as assemblies and launch them in memory☆28Updated last year
- Generate Apache mod_rewrite rules for Mythic C2 profiles☆35Updated 4 years ago
- Reverse TCP Powershell has never been this paranoid. (basically an Opsec-safe reverse powershell)☆30Updated 3 years ago
- Bypass AMSI via PowerShell by splitting a file into multiple chunks☆53Updated 4 years ago
- HTML smuggling is not an evil, it can be useful☆14Updated 2 years ago
- terraform deployment for red team☆25Updated 3 years ago
- Citrix Phishlet☆24Updated 4 years ago
- ☆22Updated 6 months ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆29Updated 5 years ago
- D/Invoke port of UrbanBishop☆108Updated 5 years ago
- Find Inbound Email Domains☆35Updated last year
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Updated 3 years ago