Just some random Red Team Scripts that can be useful
☆153Jun 28, 2024Updated last year
Alternatives and similar repositories for RedTeamScripts
Users that are interested in RedTeamScripts are comparing it to the libraries listed below
Sorting:
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute☆25Jun 5, 2024Updated last year
- ☆128Jun 28, 2023Updated 2 years ago
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago
- Collection of random RedTeam scripts.☆211Mar 8, 2024Updated 2 years ago
- Golang search engine scraper intended for identification of published ClickOnce deployments☆92Nov 19, 2024Updated last year
- A Python POC for CRED1 over SOCKS5☆165Oct 5, 2024Updated last year
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆107Mar 8, 2023Updated 3 years ago
- Check for LDAP protections regarding the relay of NTLM authentication☆530Nov 19, 2024Updated last year
- Decrypt Veeam database passwords☆221Dec 8, 2025Updated 3 months ago
- ☆301Oct 29, 2024Updated last year
- A keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard input hook, allowing i…☆398Aug 2, 2023Updated 2 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆618Jan 2, 2025Updated last year
- ☆319Jun 28, 2023Updated 2 years ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆28Apr 12, 2020Updated 5 years ago
- Fileless Command Execution for Lateral Movement in Nim☆389Dec 12, 2023Updated 2 years ago
- Lateral Movement Using DCOM and DLL Hijacking☆325Jun 18, 2023Updated 2 years ago
- A C# port from Invoke-GhostTask☆120Jan 5, 2024Updated 2 years ago
- Azure Post Exploitation Framework☆245Oct 27, 2025Updated 4 months ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆390Feb 23, 2024Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆293Jul 15, 2023Updated 2 years ago
- Ask a TGS on behalf of another user without password☆482Mar 30, 2025Updated 11 months ago
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Sep 15, 2023Updated 2 years ago
- A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.☆275May 10, 2024Updated last year
- Click Once + App Domain☆67Feb 23, 2026Updated 3 weeks ago
- ☆716Mar 22, 2024Updated last year
- ☆125Jun 28, 2023Updated 2 years ago
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆14Oct 21, 2024Updated last year
- A lightweight HTTP/HTTPS reverse proxy for efficient, policy-based traffic filtering and redirection.☆43Jun 27, 2023Updated 2 years ago
- elevate to SYSTEM any way we can! Metasploit and PSEXEC getsystem alternative☆384Nov 2, 2023Updated 2 years ago
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆282Feb 24, 2025Updated last year
- ☆133Dec 4, 2023Updated 2 years ago
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls…☆138Mar 3, 2025Updated last year
- Another Portable Executable files analysing stuff☆21May 28, 2011Updated 14 years ago
- ☆291Jul 20, 2023Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆25Sep 29, 2023Updated 2 years ago
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆568Jun 5, 2023Updated 2 years ago
- An App Domain Manager Injection DLL PoC on steroids☆212Dec 14, 2023Updated 2 years ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆331Jul 15, 2024Updated last year