apt69 / COMahawk
Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322
☆349Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for COMahawk
- A native backdoor module for Microsoft IIS (Internet Information Services)☆532Updated 4 years ago
- A script to randomize Cobalt Strike Malleable C2 profiles and reduce the chances of flagging signature-based detection controls☆433Updated 2 years ago
- Shellcode wrapper with encryption for multiple target languages☆434Updated 7 years ago
- Code from this article: https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows-defender/☆170Updated 4 years ago
- CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege☆339Updated 2 years ago
- Convert Cobalt Strike profiles to modrewrite scripts☆582Updated last year
- cve-2020-0688☆320Updated last year
- Windows - Weaponizing privileged file writes with the Update Session Orchestrator service☆378Updated 4 years ago
- The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.☆465Updated 2 years ago
- Exchange your privileges for Domain Admin privs by abusing Exchange☆975Updated 4 years ago
- Exploit Code for CVE-2020-1472 aka Zerologon☆382Updated 4 years ago
- Cobalt Strike Python API☆292Updated 2 years ago
- eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)☆465Updated last year
- CVE-2019-1388 UAC提权 (nt authority\system)☆185Updated 4 years ago
- A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from …☆868Updated 3 years ago
- New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.☆899Updated 6 years ago
- Use CVE-2020-0668 to perform an arbitrary privileged file move operation.☆210Updated 4 years ago
- Custom Metasploit post module to executing a .NET Assembly from Meterpreter session☆341Updated 4 years ago
- ☆347Updated 2 years ago
- Public work for CVE-2019-0708☆289Updated 4 years ago
- RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.☆329Updated last year
- Cobalt Strike kit for Lateral Movement☆645Updated 4 years ago
- ☆184Updated 3 years ago
- .NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.☆511Updated 5 years ago
- SimpleShellcodeInjector receives as an argument a shellcode in hex and executes it. It DOES NOT inject the shellcode in a third party ap…☆257Updated 3 years ago
- ntlm relay attack to Exchange Web Services☆328Updated 6 years ago
- .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers☆791Updated 2 years ago