cedowens / MacC2

Related projects: ⓘ

• cedowens / Swift-Attack
  Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods.
  ☆103Updated last year
• XMCyber / MacHound
  ☆99Updated 3 years ago
• its-a-feature / bifrost
  Objective-C library and console to interact with Heimdal APIs for macOS Kerberos
  ☆138Updated last year
• CyborgSecurity / PoisonApple
  macOS persistence tool
  ☆221Updated 2 years ago
• djhohnstein / cliProxy
  Proxy Unix applications in the terminal
  ☆113Updated 3 years ago
• nccgroup / pybeacon
  A collection of scripts for dealing with Cobalt Strike beacons in Python
  ☆167Updated 3 years ago
• D00MFist / Mystikal
  macOS Initial Access Payload Generator
  ☆280Updated 8 months ago
• antman1p / Conf-Thief
  A Red Team tool for exfiltrating sensitive data from Confluence pages.
  ☆103Updated last year
• slyd0g / WhiteChocolateMacademiaNut
  Interact with Chromium-based browsers' debug port to view open tabs, installed extensions, and cookies
  ☆152Updated last year
• fox-it / LDAPFragger
  ☆189Updated 4 years ago
• its-a-feature / offensive_macos
  Tracking of offensive macOS tooling, blogs, and related helpful information
  ☆146Updated 3 years ago
• MythicAgents / hermes
  Swift 5 macOS agent
  ☆98Updated last month
• D00MFist / PersistentJXA
  Collection of macOS persistence methods and miscellaneous tools in JXA
  ☆260Updated last year
• rvrsh3ll / SharpSMBSpray
  Spray a hash via smb to check for local administrator access
  ☆140Updated 3 years ago
• cedowens / MacShell
  ☆73Updated this week
• cedowens / Spotlight-Enum-Kit
  JXA and swift code that can perform some macOS situational awareness without generating TCC prompts.
  ☆37Updated 2 years ago
• byt3bl33d3r / pyMalleableC2
  Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.
  ☆262Updated 4 months ago
• FatRodzianko / Get-RBCD-Threaded
  Tool to discover Resource-Based Constrained Delegation attack paths in Active Directory environments
  ☆116Updated 3 years ago
• its-a-feature / Orchard
  JavaScript for Automation (JXA) tool to do Active Directory enumeration.
  ☆97Updated 2 years ago
• jfmaes / SharpRDPDump
  ☆88Updated this week
• Static-Flow / CloudCopy
  This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapsho…
  ☆115Updated 4 years ago
• shellster / LDAPPER
  LDAP Querying without the Suck
  ☆91Updated last year
• RedSiege / FunctionalC2
  A small POC of using Azure Functions to relay communications. Feel free to add additional functionality beyond this POC!
  ☆66Updated last year
• cedowens / SwiftBelt-JXA
  JXA implementation of some SwiftBelt functions. Author: Cedric Owens
  ☆42Updated last year
• sensepost / thumbscr-ews
  Exchangelib wrapper for pentesting
  ☆56Updated 3 months ago
• cedowens / Mythic-Macro-Generator
  Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens
  ☆44Updated 3 years ago
• MythicAgents / typhon
  Payload designed for targeting Jamf enrolled devices.
  ☆35Updated last year
• redteamwiki / redteamwiki
  ☆80Updated 2 years ago
• 3xpl01tc0d3r / Callidus
  ☆161Updated last year
• goichot / CVE-2020-3153
  Cisco AnyConnect < 4.8.02042 privilege escalation through path traversal
  ☆104Updated 4 years ago