Set of python scripts which perform different ways of command execution via WMI protocol.
☆165Jun 29, 2023Updated 2 years ago
Alternatives and similar repositories for WMIExec
Users that are interested in WMIExec are comparing it to the libraries listed below
Sorting:
- ☆128Jun 28, 2023Updated 2 years ago
- Fileless Command Execution for Lateral Movement in Nim☆389Dec 12, 2023Updated 2 years ago
- Lateral Movement☆126Nov 14, 2023Updated 2 years ago
- Lateral Movement Using DCOM and DLL Hijacking☆324Jun 18, 2023Updated 2 years ago
- ☆342Nov 10, 2025Updated 4 months ago
- Library of BOFs to interact with SQL servers☆227Dec 3, 2025Updated 3 months ago
- WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement☆369Dec 24, 2021Updated 4 years ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆741May 19, 2023Updated 2 years ago
- PoC to coerce authentication from Windows hosts using MS-WSP☆304Sep 7, 2023Updated 2 years ago
- Repository contains psexec, which will help to exploit the forgotten pipe☆173Nov 5, 2024Updated last year
- Escalate Service Account To LocalSystem via Kerberos☆403Sep 14, 2023Updated 2 years ago
- Winsocket for Cobalt Strike.☆104Jul 6, 2023Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆681Aug 15, 2025Updated 7 months ago
- List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly☆61May 24, 2022Updated 3 years ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆271Sep 14, 2023Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- ☆46Jun 21, 2023Updated 2 years ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated 2 years ago
- ☆224Oct 22, 2023Updated 2 years ago
- DFSCoerce exe revisited version with custom authentication☆42Jan 13, 2024Updated 2 years ago
- ☆319Jun 28, 2023Updated 2 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- Ask a TGS on behalf of another user without password☆482Mar 30, 2025Updated 11 months ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆286Jun 8, 2023Updated 2 years ago
- A C# port from Invoke-GhostTask☆120Jan 5, 2024Updated 2 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆617Jan 2, 2025Updated last year
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆787Jan 26, 2026Updated last month
- ☆17Jun 28, 2023Updated 2 years ago
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆568Jun 5, 2023Updated 2 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,198Oct 16, 2023Updated 2 years ago
- More examples using the Impacket library designed for learning purposes.☆264Nov 4, 2022Updated 3 years ago
- BOF combination of KillDefender and Backstab☆167Mar 23, 2023Updated 3 years ago
- A small example of loading BOFs in Python with pure reflection☆19Jan 26, 2023Updated 3 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆303Oct 26, 2022Updated 3 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,374Oct 27, 2023Updated 2 years ago
- ☆244May 5, 2024Updated last year
- My implementation of the GIUDA project in C++☆189Jul 25, 2023Updated 2 years ago
- .net config loader☆349Nov 9, 2023Updated 2 years ago
- New generation of wmiexec.py☆1,269Jan 5, 2026Updated 2 months ago