Living Off the Foreign Land setup scripts
☆75Feb 26, 2025Updated last year
Alternatives and similar repositories for lofl
Users that are interested in lofl are comparing it to the libraries listed below
Sorting:
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Jun 12, 2022Updated 3 years ago
- List web account manager (WAM) accounts added to the current profile☆24Dec 11, 2025Updated 3 months ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 2 years ago
- A Pentesters Confluence Keyword Scanner☆17Dec 3, 2024Updated last year
- ☆14Sep 26, 2023Updated 2 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Aug 8, 2022Updated 3 years ago
- ☆125Jun 28, 2023Updated 2 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆162Mar 1, 2024Updated 2 years ago
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated last year
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- Collection of self-made Red Team tools that have come in handy☆12Aug 25, 2024Updated last year
- My implementation of the GIUDA project in C++☆189Jul 25, 2023Updated 2 years ago
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- D/Invoke port of UrbanBishop☆108Jul 19, 2020Updated 5 years ago
- A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.☆80Jun 6, 2024Updated last year
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆117Sep 30, 2024Updated last year
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly☆15Jul 15, 2021Updated 4 years ago
- WhoAmI by asking the LDAP service on a domain controller.☆65Feb 8, 2022Updated 4 years ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆346Nov 19, 2024Updated last year
- In-memory token vault BOF for Cobalt Strike☆149Aug 18, 2022Updated 3 years ago
- ☆307Mar 15, 2025Updated last year
- Set of python scripts which perform different ways of command execution via WMI protocol.☆165Jun 29, 2023Updated 2 years ago
- Azure Offensive Library☆17Oct 18, 2025Updated 5 months ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆680Aug 15, 2025Updated 7 months ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Mar 27, 2025Updated 11 months ago
- ☆176Mar 27, 2023Updated 2 years ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆618Jan 2, 2025Updated last year
- a tool to help operate in EDRs' blind spots☆769Dec 2, 2024Updated last year
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆317Aug 31, 2023Updated 2 years ago
- ☆160Apr 17, 2024Updated last year
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- Tool for efficient directory enumeration☆64Jan 27, 2026Updated last month
- MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.☆337Aug 7, 2024Updated last year
- A simple BOF that disables some logging with NtSetInformationProcess☆14Oct 13, 2023Updated 2 years ago
- ☆143Jun 21, 2023Updated 2 years ago
- A VSCode devcontainer for development of COFF files with batteries included.☆50Jul 10, 2023Updated 2 years ago
- Hide your P/Invoke signatures through other people's signed assemblies☆211Mar 10, 2024Updated 2 years ago
- Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider☆198Dec 6, 2022Updated 3 years ago