Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
☆24Apr 4, 2023Updated 2 years ago
Alternatives and similar repositories for Ivy
Users that are interested in Ivy are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆15Apr 4, 2023Updated 2 years ago
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs☆104Dec 15, 2022Updated 3 years ago
- A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.☆46Feb 27, 2024Updated 2 years ago
- ☆11Dec 8, 2023Updated 2 years ago
- A tool to assist DLL hijacking via the Havoc GUI☆13Jan 9, 2024Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆132May 12, 2023Updated 2 years ago
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆365Jul 20, 2023Updated 2 years ago
- Generate AES128 and AES256 Kerberos keys from a given username, password, and realm☆18Sep 18, 2024Updated last year
- Havoc plugin allowing in-memory execution of PowerShell cmdlets☆13Dec 14, 2023Updated 2 years ago
- Beacon Object File implementation of Yaxser's Backstab☆15Mar 9, 2022Updated 4 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆15Feb 13, 2024Updated 2 years ago
- PDump is a project for dumping leaked credentials from DEHASHED☆17Jan 21, 2024Updated 2 years ago
- a port of privkit bof for havoc☆23Dec 8, 2023Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆83Dec 20, 2023Updated 2 years ago
- Rewrite to fit my needs☆32Jul 20, 2024Updated last year
- A Havoc UI tool to pivot onto a machine using ligolo-ng☆50Jan 23, 2024Updated 2 years ago
- Windows Error Reporting ALPC Elevation of Privilege (CVE-2026-20817) - Proof-of-Concept exploit demonstrating local privilege escalation …☆92Feb 19, 2026Updated last month
- Excel Add In Payload Generator☆14Oct 9, 2023Updated 2 years ago
- Abusing Remote Windows SMB Shares for Fun and Pen Testing☆15May 23, 2023Updated 2 years ago
- Ansible role to configure redirectors for red team C2☆30Nov 12, 2018Updated 7 years ago
- malleable profile generator GUI for Havoc☆55Apr 28, 2023Updated 2 years ago
- The Official Sliver Armory☆138Apr 17, 2025Updated 11 months ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated last year
- A pure C version of SymProcAddress☆30Mar 17, 2024Updated 2 years ago
- Sleep obfuscation in golang based on ekko☆14Jan 16, 2024Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago
- Hide shellcode by shuffling bytes into a random array and reconstruct at runtime☆203Mar 26, 2025Updated 11 months ago
- Retrieves jobs based off criteria submitted and also returns median salary for software engineers for the hiring company.☆21Jan 27, 2026Updated last month
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆102Jun 16, 2024Updated last year
- Scripts for public use that we've randomly written, or have updated from other people's work.☆40Jun 25, 2024Updated last year
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆58Feb 20, 2022Updated 4 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Python script for automating the creation of serverless cloud redirectors from Cobalt Strike malleable C2 profiles☆201Jun 25, 2024Updated last year
- Apache OFBIZ Path traversal leading to RCE POC[CVE-2024-32113 & CVE-2024-36104]☆27Jun 3, 2024Updated last year
- Impacket is a collection of Python classes for working with network protocols.☆31Jun 27, 2024Updated last year
- Small project to facilitate creation of .lnk payloads☆81Nov 18, 2022Updated 3 years ago
- Malicious Shortcut(.lnk) Generator☆87Nov 23, 2018Updated 7 years ago
- A PowerShell script that simplifies life and therefore... phishing.☆20Aug 16, 2022Updated 3 years ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year