TheCyb3rAlpha / BobTheSmuggler
"Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format, then XOR encrypt the archive and then hides inside PNG/GIF image file format (Image Polyglots).
☆532Updated 2 weeks ago
Alternatives and similar repositories for BobTheSmuggler:
Users that are interested in BobTheSmuggler are comparing it to the libraries listed below
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…☆690Updated 10 months ago
- Proof-of-concept to demonstrate dynamic QR swap phishing attacks in practice.☆285Updated 9 months ago
- Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Direc…☆405Updated last week
- ☆531Updated 11 months ago
- sandbox approach for malware developers and red teamers to test payloads against detection mechanisms before deployment☆641Updated last week
- A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.☆368Updated last month
- Weaponized Browser-in-the-Middle (BitM) for Penetration Testers☆467Updated 4 months ago
- A RedTeam Toolkit☆394Updated this week
- Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of…☆345Updated 5 months ago
- ☆286Updated 9 months ago
- ☆310Updated last year
- Evilginx Phishing Infrastructure Setup Guide - Securing Evilginx and Gophish Infrastructure, Removing IOCs, Phishing TTPs☆376Updated 3 months ago
- An offensive data enrichment pipeline☆669Updated last month
- This is for Ethical Use only! Update:- Currently the payloads can only bypass latest real time monitoring and not cloud based detections,…☆200Updated 2 weeks ago
- EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offer…☆353Updated 11 months ago
- A Python3 based C2 server to make life of red teamer a bit easier. The payload is capable to bypass all the known antiviruses and endpoi…☆521Updated last year
- Redeye is a tool intended to help you manage your data during a pentest operation☆464Updated 7 months ago
- A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compil…☆974Updated 8 months ago
- C2 infrastructure that allows Red Teamers to execute system commands on compromised hosts through Microsoft Teams.☆624Updated 2 months ago
- A collection of red teaming and adversary emulation related tools, scripts, techniques, notes, etc☆293Updated 7 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆721Updated last year
- Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations…☆765Updated 6 months ago
- A python tool to automate KeePass discovery and secret extraction.☆477Updated 3 months ago
- This repository is a compilation of all APT simulations that target many vital sectors,both private and governmental. The simulation inc…☆581Updated last month
- Send phishing messages and attachments to Microsoft Teams users☆1,068Updated 9 months ago
- ☆291Updated last year
- A SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them bi…☆341Updated 2 weeks ago
- Pen Test Report Generation and Assessment Collaboration☆475Updated this week
- A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented b…☆391Updated 9 months ago
- Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound☆532Updated 4 months ago