andrecrafts / CobaltStrike-YARA-Bypass-f0b627fcView external linksLinks
Bypass YARA rule Windows_Trojan_CobaltStrike_f0b627fc by generating alternative shellcode sequences.
☆52Oct 2, 2025Updated 4 months ago
Alternatives and similar repositories for CobaltStrike-YARA-Bypass-f0b627fc
Users that are interested in CobaltStrike-YARA-Bypass-f0b627fc are comparing it to the libraries listed below
Sorting:
- Get sql server connection configuration information☆28Aug 26, 2024Updated last year
- 主要用于隐藏进程真实路径,进程带windows真签名☆119Oct 15, 2024Updated last year
- BypassCredGuard CS BOF☆49Jan 23, 2025Updated last year
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 2 years ago
- 获取chrome 浏览器记录☆43Sep 6, 2025Updated 5 months ago
- 集权利用工具☆164Feb 28, 2025Updated 11 months ago
- Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process☆47Jun 15, 2022Updated 3 years ago
- AddDefenderExclusions Beacon Object File☆41Jun 25, 2023Updated 2 years ago
- Cobalt Strike BOF for evasive .NET assembly execution☆307Mar 31, 2025Updated 10 months ago
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions☆38Mar 17, 2025Updated 11 months ago
- ☆41Jul 10, 2023Updated 2 years ago
- .NET Assembly that creates network shares,sets ACE entries for directories, sets share perms, and deletes shares. Learning project for C#☆10Oct 14, 2024Updated last year
- 利用NTLM Hash读取Exchange邮件☆58May 13, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆96Mar 20, 2023Updated 2 years ago
- This is a third party agent for Havoc C2 written in golang.☆58Jan 16, 2024Updated 2 years ago
- EventViewer Bypass Uac Bof☆23Jul 23, 2022Updated 3 years ago
- A simple BOF that disables some logging with NtSetInformationProcess☆13Oct 13, 2023Updated 2 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel☆27Jun 13, 2024Updated last year
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆62Feb 25, 2025Updated 11 months ago
- 重构Beacon☆164Aug 19, 2024Updated last year
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆510May 19, 2025Updated 8 months ago
- ☆29May 10, 2024Updated last year
- Take a screenshot without injection for Cobalt Strike☆203Jun 7, 2023Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆224Nov 23, 2023Updated 2 years ago
- Unauthenticated RCE Flaw in Rejetto HTTP File Server (CVE-2024-23692)☆16Jun 13, 2024Updated last year
- 复现《EDR的梦魇:Storm-0978使用新型内核注入技术“Step Bear”》☆161Oct 27, 2024Updated last year
- Python based tool for generating Shellcode from PIC C☆43Nov 6, 2025Updated 3 months ago
- PHP�文件上传50+绕过手法全景解析☆17Mar 16, 2025Updated 11 months ago
- A Go implementation of Cobalt Strike style BOF/COFF loaders.☆265Feb 22, 2025Updated 11 months ago
- A simple Meterpreter stager written in Rust.☆45Nov 2, 2025Updated 3 months ago
- ☆100Sep 1, 2024Updated last year
- Dump document encryption password from Office process memory☆40Mar 27, 2023Updated 2 years ago
- exchange接口爆破|邮箱爆破☆20Sep 19, 2024Updated last year
- Passworld is a fully customizable wordlist generator☆16Sep 13, 2024Updated last year
- ☆57Jan 15, 2024Updated 2 years ago
- 一款基于PE Patch技术的后渗透免杀工具,主要支持x64☆354Mar 5, 2025Updated 11 months ago
- ☆36Mar 4, 2025Updated 11 months ago