cedowens / MacC2
☆113Updated this week
Related projects: ⓘ
- Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods.☆103Updated last year
- ☆99Updated 3 years ago
- Objective-C library and console to interact with Heimdal APIs for macOS Kerberos☆138Updated last year
- macOS persistence tool☆221Updated 2 years ago
- Proxy Unix applications in the terminal☆113Updated 3 years ago
- A collection of scripts for dealing with Cobalt Strike beacons in Python☆167Updated 3 years ago
- macOS Initial Access Payload Generator☆280Updated 8 months ago
- A Red Team tool for exfiltrating sensitive data from Confluence pages.☆103Updated last year
- Interact with Chromium-based browsers' debug port to view open tabs, installed extensions, and cookies☆152Updated last year
- ☆189Updated 4 years ago
- Tracking of offensive macOS tooling, blogs, and related helpful information☆146Updated 3 years ago
- Swift 5 macOS agent☆98Updated last month
- Collection of macOS persistence methods and miscellaneous tools in JXA☆260Updated last year
- Spray a hash via smb to check for local administrator access☆140Updated 3 years ago
- ☆73Updated this week
- JXA and swift code that can perform some macOS situational awareness without generating TCC prompts.☆37Updated 2 years ago
- Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.☆262Updated 4 months ago
- Tool to discover Resource-Based Constrained Delegation attack paths in Active Directory environments☆116Updated 3 years ago
- JavaScript for Automation (JXA) tool to do Active Directory enumeration.☆97Updated 2 years ago
- ☆88Updated this week
- This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapsho…☆115Updated 4 years ago
- LDAP Querying without the Suck☆91Updated last year
- A small POC of using Azure Functions to relay communications. Feel free to add additional functionality beyond this POC!☆66Updated last year
- JXA implementation of some SwiftBelt functions. Author: Cedric Owens☆42Updated last year
- Exchangelib wrapper for pentesting☆56Updated 3 months ago
- Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens☆44Updated 3 years ago
- Payload designed for targeting Jamf enrolled devices.☆35Updated last year
- ☆80Updated 2 years ago
- ☆161Updated last year
- Cisco AnyConnect < 4.8.02042 privilege escalation through path traversal☆104Updated 4 years ago