TartarusLabs / ExpeditusLinks
Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.
☆13Updated 3 years ago
Alternatives and similar repositories for Expeditus
Users that are interested in Expeditus are comparing it to the libraries listed below
Sorting:
- cobalt strike tools☆31Updated 3 years ago
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)☆24Updated 2 years ago
- C2 redirector as a web API☆10Updated 4 years ago
- Covenant is a collaborative .NET C2 framework for red teamers.☆13Updated 3 years ago
- A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just do…☆53Updated 7 years ago
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.☆39Updated 4 years ago
- The Hunt for Malicious Strings☆13Updated 5 years ago
- ☆12Updated 6 years ago
- Weaponizing CLRvoyance for Post-Ex .NET Execution☆37Updated 4 years ago
- ☆18Updated 4 years ago
- Bypass AMSI via PowerShell by splitting a file into multiple chunks☆53Updated 4 years ago
- The repository that complements the From zero to hero: creating a reflective loader in C# workshop☆39Updated 4 years ago
- terraform deployment for red team☆25Updated 2 years ago
- Generate droppers with encrypted payloads automatically.☆54Updated 3 years ago
- Remote Desktop Protocol .NET Console Application for Authenticated Command Execution☆12Updated 5 years ago
- Collection of Offensive C# Tooling☆12Updated 3 years ago
- Code samples of .NET shellcode injections, weaponized for use via WebDav and mshta.exe.☆37Updated 5 years ago
- C# port of the Get-AppLockerPolicy PS cmdlet☆100Updated 2 years ago
- Ruby script that calls an almost interactive shell via WinRM (TCP/5985) on an Windows machine, relaying on a valid Kerberos ticket. (Very…☆18Updated 6 years ago
- Scripts for public use that we've randomly written, or have updated from other people's work.☆40Updated last year
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Updated 4 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Updated 3 years ago
- ManageEngine OpManager Decryption Tools☆32Updated 3 years ago
- ☆26Updated 4 years ago
- load dumped csharp binaries as assemblies and launch them in memory☆28Updated last year
- Citrix Phishlet☆24Updated 4 years ago
- A recreation of the "Nobelium" malware based on Microsofts Malware analysis - Part 1: PDF2Pwn☆102Updated 2 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆68Updated last year
- A curated list of tools and techniques written from experience in weaponization of malware☆37Updated last year
- PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10…☆35Updated 3 years ago