brett-fitz / pyMalleableProfileParserLinks
Parses Cobalt Strike malleable C2 profiles.
☆56Updated last month
Alternatives and similar repositories for pyMalleableProfileParser
Users that are interested in pyMalleableProfileParser are comparing it to the libraries listed below
Sorting:
- Modified versions of the Cobalt Strike Process Injection Kit☆94Updated last year
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆39Updated last year
- ProcExp Driver (Ab)use☆22Updated 2 years ago
- ☆71Updated last year
- C# implementation of Get-AADIntSyncCredentials from AADInternals, which extracts Azure AD Connect credentials to AD and Azure AD from AAD…☆40Updated last year
- SAM Dumping in C#☆48Updated 4 months ago
- Beacon Object Files (not Buffer Overflows)☆55Updated 2 years ago
- Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry☆27Updated 4 years ago
- Groovy Post Exploitation☆20Updated 7 months ago
- Active Directory certificate abuse☆38Updated 2 years ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆39Updated last year
- CVE-2024-40711-exp☆42Updated 7 months ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆86Updated 2 years ago
- Aggressor script add-in for CobaltStrike to track file uploads☆36Updated 2 years ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆47Updated 2 months ago
- Windows Persistence Toolkit in C#☆36Updated 2 years ago
- ☆26Updated 6 months ago
- ☆25Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆20Updated 2 years ago
- ☆125Updated last year
- An aggressor script for Cobalt Strike to query Windows' GetLastError messages☆18Updated 2 years ago
- C# Port of LdapRelayScan☆83Updated 3 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆117Updated 8 months ago
- Tool to start processes as SYSTEM using token duplication☆38Updated 4 years ago
- ☆80Updated last year
- C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)☆55Updated 2 years ago
- ☆142Updated 2 years ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆42Updated last year
- Secretsdump C# version only supporting local (live) operation☆49Updated last month
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆84Updated 2 years ago