Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from silent in-process BOF to full PowerShell/WMI.
☆44 · Feb 6, 2026 · Updated 2 months ago
Alternatives and similar repositories for CS-EDR-Enumeration
Users that are interested in CS-EDR-Enumeration are comparing it to the libraries listed below.
- Remote service-staging tool built on Impacket, designed for BOF-style lateral movement workflows that lets you upload custom service load… ☆121 · Dec 7, 2025 · Updated 4 months ago
- ☆59 · Dec 10, 2025 · Updated 4 months ago
- Red Team Assessment Platform - reporting, visualizations, and analytics for cybersecurity red teams ☆35 · Updated this week
- BOF to impersonate TrustedInstaller via DISM API trigger and thread impersonation ☆119 · Mar 27, 2026 · Updated 2 weeks ago
- Nim implementation for sud0Ru's Credential Dumping from SAM/SECURITY Hives Method (a.k.a. SilentHarvest) ☆72 · Apr 4, 2026 · Updated last week
- Evasion kit for Cobalt Strike ☆30 · Jan 16, 2026 · Updated 2 months ago
- ☆43 · Dec 24, 2025 · Updated 3 months ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader. ☆100 · Jan 10, 2026 · Updated 3 months ago
- Regex based secret scanner for sccm deployment points sccmcontentlib$ shares. Find secrets automatically and download entire packages for… ☆18 · Aug 13, 2025 · Updated 7 months ago
- Awesome MalDev Links ☆57 · Mar 18, 2026 · Updated 3 weeks ago
- A tool that allows you to extract a client-specific wordlist from the LDAP of an Active Directory. ☆58 · Jul 2, 2025 · Updated 9 months ago
- Block Windows Defender by deny ACL ☆89 · Jan 12, 2026 · Updated 2 months ago
- Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths. ☆254 · Mar 26, 2026 · Updated 2 weeks ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers ☆18 · Mar 19, 2025 · Updated last year
- Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons ☆202 · Feb 11, 2026 · Updated 2 months ago
- Automatically deploy Nemesis ☆21 · Jun 14, 2024 · Updated last year
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287 ☆46 · Oct 28, 2025 · Updated 5 months ago
- Dump processes over WMI with MSFT_MTProcess ☆85 · Feb 13, 2026 · Updated last month
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover ☆86 · Oct 20, 2025 · Updated 5 months ago
- Dump protected files (SAM,SYSTEM,SECURITY) by parsing the raw NTFS partition ☆40 · Nov 11, 2025 · Updated 5 months ago
- ☆26 · Aug 5, 2025 · Updated 8 months ago
- Impersonate Windows tokens in Nim ☆23 · Aug 4, 2025 · Updated 8 months ago
- Ludus role for deploying a Mythic Teamserver onto Linux servers ☆23 · Mar 16, 2025 · Updated last year
- Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2. ☆72 · Dec 15, 2025 · Updated 3 months ago
- Python tool to automatically perform SPN-less RBCD attacks. ☆128 · Jan 7, 2026 · Updated 3 months ago
- PowerShell collector for adding SCCM attack paths to BloodHound with OpenGraph ☆83 · Updated this week
- Advanced PoC & Research for CVE-2026-0828 (Safetica) and CVE-2025-7771 (ThrottleStop). Analysis of BYOVD (Bring Your Own Vulnerable Drive… ☆33 · Feb 4, 2026 · Updated 2 months ago
- ☆84 · Feb 12, 2026 · Updated last month
- An offensive toolkit for restless guests #DEFCON33 ☆53 · Aug 11, 2025 · Updated 8 months ago
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai… ☆79 · Oct 27, 2025 · Updated 5 months ago
- ☆38 · Dec 4, 2025 · Updated 4 months ago
- This repo contains useful scripts that AI created for me which I would have been too lazy for ☆95 · Mar 17, 2026 · Updated 3 weeks ago
- Repository focused on advanced Red Team tools and techniques, mainly created with C. It contains projects I have created to understand ma… ☆21 · Mar 23, 2026 · Updated 2 weeks ago
- ☆48 · Dec 5, 2025 · Updated 4 months ago
- Modified version of PEAS client for offensive operations ☆50 · Nov 1, 2025 · Updated 5 months ago
- ☆41 · Oct 8, 2024 · Updated last year
- An Ansible collection that installs an SCCM deployment with optional configurations. ☆105 · Dec 8, 2025 · Updated 4 months ago
- ☆36 · Feb 5, 2026 · Updated 2 months ago
- Havoc C2 BOF port of the KslD.sys BYOVD technique. Credential extraction from lsass via physical memory — no OpenProcess, no auditable AP… ☆62 · Apr 1, 2026 · Updated last week