codewhitesec / LethalHTA
Lateral Movement technique using DCOM and HTA
☆229Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for LethalHTA
- Collection of awesome Cobalt Strike Aggressor Scripts. All credit due to the authors☆147Updated 5 years ago
- Evading WinDefender ATP credential-theft☆253Updated 4 years ago
- CSHARP DCOM Fun☆125Updated 5 years ago
- DEPRECATED SharpRoast is a C# port of various PowerView's Kerberoasting functionality.☆253Updated 6 years ago
- lateral movement techniques that can be used during red team exercises☆265Updated 4 years ago
- The PowerThIEf, an Internet Explorer Post Exploitation library☆130Updated 6 years ago
- Aggressor scripts for phases of a pen test or red team assessment☆175Updated 3 months ago
- CobaltStrike External C2 for Websockets☆194Updated 5 years ago
- Collection of Aggressor Scripts for Cobalt Strike☆171Updated 6 years ago
- Cobalt Strike Aggressor script menu for Powerview/SharpView☆128Updated 6 years ago
- PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)☆321Updated 5 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆244Updated 4 years ago
- A C# implementation of PrivExchange by @_dirkjan.☆156Updated 5 years ago
- Create a minidump of the LSASS process from memory☆254Updated 2 years ago
- A library for integrating communication channels with the Cobalt Strike External C2 server☆281Updated 6 years ago
- ☆207Updated 5 years ago
- Constrained Language Mode + AMSI bypass all in one☆153Updated 5 years ago
- Collection of scripts, binaries and the like to aid in WhiteList Evasion on a Microsoft Windows Network.☆126Updated 9 years ago
- A collection of useful scripts for Cobalt Strike☆167Updated 3 months ago
- Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been se…☆167Updated 4 years ago
- Powershell script for enumerating vulnerable DCOM Applications☆254Updated 5 years ago
- Trigen is a Python script which uses different combinations of Win32 function calls in generated VBA to execute shellcode.☆199Updated 7 years ago
- Check if MS-RPRN is remotely available with powershell/c#☆171Updated 6 years ago
- A Powershell implementation of PrivExchange designed to run under the current user's context☆123Updated 5 years ago
- C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread☆119Updated 5 years ago
- SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approa��…☆290Updated 4 years ago
- MSBuild Without MSBuild.exe☆155Updated 3 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET☆143Updated 4 years ago