WKL-Sec / Malleable-CS-Profiles
A list of Python tools to help create an OPSEC-safe Cobalt Strike profile.
☆370 · Updated 8 months ago
Related projects
Alternatives and complementary repositories for Malleable-CS-Profiles
- Collection of Beacon Object Files (BOF) for Cobalt Strike (☆531 · Updated 3 months ago)
- Terminate AV/EDR Processes using kernel driver (☆336 · Updated last year)
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk (☆426 · Updated 4 months ago)
- Creating a repository with all public Beacon Object Files (BoFs) (☆420 · Updated last year)
- A beacon object file implementation of PoolParty Process Injection Technique. (☆321 · Updated 10 months ago)
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus). (☆389 · Updated this week)
- Kill AV/EDR leveraging BYOVD attack (☆307 · Updated last year)
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry (☆275 · Updated 3 months ago)
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS. (☆364 · Updated 4 months ago)
- Collection of UAC Bypass Techniques Weaponized as BOFs (☆405 · Updated 8 months ago)
- Credential Guard Bypass Via Patching Wdigest Memory (☆309 · Updated last year)
- Fileless atexec, no more need for port 445 (☆325 · Updated 7 months ago)
- (☆311 · Updated 11 months ago)
- Attempt at Obfuscated version of SharpCollection (☆188 · Updated last month)
- Execute shellcode files with rundll32 (☆181 · Updated 9 months ago)
- (☆229 · Updated 10 months ago)
- Escalate Service Account To LocalSystem via Kerberos (☆389 · Updated last year)
- A BOF to automate common persistence tasks for red teamers (☆267 · Updated last year)
- Reduce Entropy And Obfuscate Your Payload With Serialized Linked Lists (☆376 · Updated last year)
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process. (☆292 · Updated 2 years ago)
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions (☆264 · Updated 3 months ago)
- Local privilege escalation from SeImpersonatePrivilege using EfsRpc. (☆304 · Updated 2 years ago)
- shellcode loader for your evasion needs (☆262 · Updated this week)
- Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime (☆298 · Updated last year)
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub. (☆265 · Updated 6 months ago)
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind (☆419 · Updated last year)
- Go shellcode loader that combines multiple evasion techniques (☆352 · Updated last year)
- A Tool that aims to evade av with binary padding (☆135 · Updated 4 months ago)