adityatelange / evil-winrm-pyLinks
Execute commands interactively on remote Windows machines using the WinRM protocol
☆63Updated this week
Alternatives and similar repositories for evil-winrm-py
Users that are interested in evil-winrm-py are comparing it to the libraries listed below
Sorting:
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS☆147Updated 3 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆75Updated 3 months ago
- ☆136Updated last month
- ☆55Updated 3 months ago
- Adversary Emulation Framework☆108Updated 10 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆121Updated 8 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆115Updated 2 months ago
- A Mythic agent for Windows written in C☆123Updated last week
- ☆180Updated 2 months ago
- A tool to work with all types of Kerberos delegations (unconstrained, constrained, and resource-based constrained delegations) in Active …☆104Updated this week
- 🧠 The ultimate, community-curated resource for Beacon Object Files (BOFs) — tutorials, how-tos, deep dives, and reference materials.☆68Updated last month
- Active Directory Authentication Library☆73Updated last month
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆139Updated 2 months ago
- Stage 0☆160Updated 5 months ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆115Updated last year
- Leverage WindowsApp createdump tool to obtain an lsass dump☆149Updated 8 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆200Updated 7 months ago
- ☆85Updated 4 months ago
- ☆111Updated 4 months ago
- ☆107Updated 3 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆165Updated 2 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆96Updated 2 months ago
- A python script that automates a C2 Profile build☆42Updated 2 months ago
- An impacket-lite cli tool that combines many useful impacket functions using a single session.☆48Updated 3 weeks ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆105Updated 5 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆182Updated 4 months ago
- ☆219Updated 7 months ago
- ForsHops☆136Updated 2 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆91Updated last month
- Construct the payload at runtime using an array of offsets☆63Updated 11 months ago