PowerShell Obfuscator
☆232Aug 28, 2025Updated 6 months ago
Alternatives and similar repositories for psobf
Users that are interested in psobf are comparing it to the libraries listed below
Sorting:
- Shellcode encryptor using a substitution cipher with a randomly generated key.☆142Jan 18, 2025Updated last year
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆260Aug 13, 2024Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆234Feb 12, 2025Updated last year
- ☆159Apr 4, 2025Updated 11 months ago
- Analyse MSI files for vulnerabilities☆142Aug 30, 2024Updated last year
- Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.☆29Apr 3, 2025Updated 11 months ago
- RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create adv…☆228Mar 28, 2025Updated 11 months ago
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- A PowerShell console in C/C++ with all the security features disabled☆373Oct 14, 2025Updated 5 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆216Oct 19, 2024Updated last year
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆24Apr 4, 2023Updated 2 years ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆283Apr 6, 2025Updated 11 months ago
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆385Apr 26, 2025Updated 10 months ago
- ☆110Feb 17, 2025Updated last year
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆384Dec 13, 2024Updated last year
- remote process injections using pool party techniques☆70Jun 29, 2025Updated 8 months ago
- COM ViewLogger — new malware keylogging technique☆407Jan 6, 2025Updated last year
- A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit☆118Aug 9, 2024Updated last year
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…☆817Mar 28, 2025Updated 11 months ago
- Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance…☆571May 22, 2025Updated 10 months ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆398Jul 23, 2025Updated 7 months ago
- A red teaming attack paradigm against AI Agents☆32Mar 9, 2025Updated last year
- ☆569Mar 28, 2024Updated last year
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆261Feb 21, 2025Updated last year
- Tool for Active Directory Certificate Services enumeration and abuse☆166Apr 17, 2025Updated 11 months ago
- Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of…☆512Aug 14, 2025Updated 7 months ago
- Evasive shellcode loader☆400Oct 17, 2024Updated last year
- Dominate Active Directory with PowerShell.☆1,170Nov 28, 2025Updated 3 months ago
- Azure Post Exploitation Framework☆245Oct 27, 2025Updated 4 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆309Mar 31, 2025Updated 11 months ago
- A python script that automates a C2 Profile build☆48Dec 14, 2025Updated 3 months ago
- Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques and used by Patchwork group.☆835Jul 2, 2024Updated last year
- KnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).☆265Dec 15, 2025Updated 3 months ago
- Extract and execute a PE embedded within a PNG file using an LNK file.☆465Nov 2, 2024Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique.☆438Dec 21, 2023Updated 2 years ago
- A BloodHound collector for Microsoft Configuration Manager☆393Jul 7, 2025Updated 8 months ago
- Proxy function calls through the thread pool with ease☆31Feb 27, 2025Updated last year
- Robust Cobalt Strike shellcode loader with multiple advanced evasion features☆200Apr 21, 2025Updated 11 months ago