☆107Nov 10, 2023Updated 2 years ago
Alternatives and similar repositories for RedWizard
Users that are interested in RedWizard are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Nim Shellcode Injector☆15Jan 24, 2021Updated 5 years ago
- A simple reverse ssh/proxy implant PoC for *nix systems.☆57Jul 5, 2024Updated last year
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Aug 8, 2022Updated 3 years ago
- Scripts for public use that we've randomly written, or have updated from other people's work.☆40Jun 25, 2024Updated last year
- A C# project that builds a Web Application which redirects all HTTPS☆26Feb 11, 2025Updated last year
- Infrastructure Automation☆357Apr 12, 2024Updated last year
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- EDRSandblast-GodFault☆271Aug 28, 2023Updated 2 years ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 11 months ago
- malware written for educational purposes☆71Dec 31, 2025Updated 2 months ago
- Beacon Object Files used for Cobalt Strike☆19Jul 18, 2023Updated 2 years ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆46Jul 29, 2024Updated last year
- Example code samples from our ScriptBlock Smuggling Blog post☆95Jun 18, 2024Updated last year
- Various one-off pentesting projects written in Nim. Updates happen on a whim.☆160Jul 14, 2025Updated 8 months ago
- A broken-by-design Azure environment to practice and train security skills in the cloud domain.☆27Oct 20, 2025Updated 5 months ago
- a tool to help operate in EDRs' blind spots☆769Dec 2, 2024Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- ☆49Apr 9, 2025Updated 11 months ago
- Automatically deploy preconfigured SSL ready GoPhish instances into Azure using Terraform.☆17Apr 30, 2021Updated 4 years ago
- Aggressor script add-in for CobaltStrike to track file uploads☆48Nov 7, 2022Updated 3 years ago
- ☆189Nov 21, 2024Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- DFSCoerce exe revisited version with custom authentication☆42Jan 13, 2024Updated 2 years ago
- Patching AmsiOpenSession by forcing an error branching☆154Aug 2, 2023Updated 2 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- Small utility to chunk up a large BloodHound JSON file into smaller files for importing.☆97Apr 13, 2023Updated 2 years ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆317Aug 31, 2023Updated 2 years ago
- ☆12Oct 9, 2022Updated 3 years ago
- malleable profile generator GUI for Havoc☆55Apr 28, 2023Updated 2 years ago
- ☆234Oct 8, 2024Updated last year
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆371Jan 29, 2026Updated last month
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated 2 years ago
- Quick and dirty dynamic redirect.rules generator☆170Oct 12, 2022Updated 3 years ago
- ☆153Oct 2, 2023Updated 2 years ago
- ☆46Jun 21, 2023Updated 2 years ago
- ☆123Oct 9, 2023Updated 2 years ago
- Nemesis agent for Mythic☆28Dec 11, 2025Updated 3 months ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆41May 31, 2024Updated last year