Set of python scripts which perform different ways of command execution via WMI protocol.
☆165Jun 29, 2023Updated 2 years ago
Alternatives and similar repositories for WMIExec
Users that are interested in WMIExec are comparing it to the libraries listed below
Sorting:
- Fileless Command Execution for Lateral Movement in Nim☆389Dec 12, 2023Updated 2 years ago
- Lateral Movement☆126Nov 14, 2023Updated 2 years ago
- Lateral Movement Using DCOM and DLL Hijacking☆325Jun 18, 2023Updated 2 years ago
- ☆129Jun 28, 2023Updated 2 years ago
- Library of BOFs to interact with SQL servers☆223Dec 3, 2025Updated 2 months ago
- WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement☆369Dec 24, 2021Updated 4 years ago
- PoC to coerce authentication from Windows hosts using MS-WSP☆302Sep 7, 2023Updated 2 years ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆271Sep 14, 2023Updated 2 years ago
- ☆341Nov 10, 2025Updated 3 months ago
- Escalate Service Account To LocalSystem via Kerberos☆403Sep 14, 2023Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆675Aug 15, 2025Updated 6 months ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆738May 19, 2023Updated 2 years ago
- List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly☆61May 24, 2022Updated 3 years ago
- ☆223Oct 22, 2023Updated 2 years ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated last year
- Winsocket for Cobalt Strike.☆102Jul 6, 2023Updated 2 years ago
- A C# port from Invoke-GhostTask☆120Jan 5, 2024Updated 2 years ago
- Ask a TGS on behalf of another user without password☆482Mar 30, 2025Updated 11 months ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆614Jan 2, 2025Updated last year
- DFSCoerce exe revisited version with custom authentication☆42Jan 13, 2024Updated 2 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆776Jan 26, 2026Updated last month
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆285Jun 8, 2023Updated 2 years ago
- Repository contains psexec, which will help to exploit the forgotten pipe☆172Nov 5, 2024Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆714Mar 4, 2023Updated 2 years ago
- More examples using the Impacket library designed for learning purposes.☆264Nov 4, 2022Updated 3 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 9 months ago
- Python module for running BOFs☆79Nov 28, 2025Updated 3 months ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆52Jul 15, 2023Updated 2 years ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆434Dec 21, 2023Updated 2 years ago
- ☆223Mar 10, 2024Updated last year
- ☆319Jun 28, 2023Updated 2 years ago
- .net config loader☆348Nov 9, 2023Updated 2 years ago
- ☆242May 5, 2024Updated last year
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆568Jun 5, 2023Updated 2 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,370Oct 27, 2023Updated 2 years ago
- ☆94May 14, 2022Updated 3 years ago