crisprss/BypassUserAdd

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/crisprss/BypassUserAdd)

crisprss / BypassUserAdd

通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化

☆343

Alternatives and similar repositories for BypassUserAdd

Users that are interested in BypassUserAdd are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

yanghaoi / CobaltStrike_CNA
View on GitHub
使用多种WinAPI进行权限维持的CobaltStrike脚本，包含API设置系统服务，设置计划任务，管理用户等。
☆555Jan 18, 2022Updated 4 years ago
Rvn0xsy / PassDecode-jar
View on GitHub
帆软/致远密码解密工具
☆360Jul 29, 2021Updated 4 years ago
Yihsiwei / GetOut360
View on GitHub
强制关闭360 需要管理员权限
☆171Feb 6, 2022Updated 4 years ago
seventeenman / CallBackDump
View on GitHub
dump lsass进程工具
☆562Jul 20, 2023Updated 2 years ago
An0nySec / UserAdd
View on GitHub
Bypass AV 用户添加
☆169Dec 30, 2021Updated 4 years ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
mai1zhi2 / SharpBeacon
View on GitHub
CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon，其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能
☆730Sep 1, 2021Updated 4 years ago
exp1orer / JNDI-Inject-Exploit
View on GitHub
解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
☆775Jan 26, 2022Updated 4 years ago
crisprss / PetitPotam
View on GitHub
替代PrintBug用于本地提权的新方式，主要利用MS-EFSR协议中的接口函数借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, …
☆150Mar 13, 2022Updated 4 years ago
JDArmy / DCSec
View on GitHub
域控安全one for all
☆738Sep 9, 2024Updated last year
Schira4396 / VcenterKiller
View on GitHub
一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
☆1,473Apr 25, 2024Updated last year
Rvn0xsy / SchtaskCreator
View on GitHub
远程创建任务计划工具
☆191Apr 23, 2022Updated 3 years ago
JDArmy / RPCSCAN
View on GitHub
RPC远程主机信息匿名扫描工具
☆319Sep 30, 2022Updated 3 years ago
achuna33 / Memoryshell-JavaALL
View on GitHub
收集内存马打入方式
☆508May 20, 2022Updated 3 years ago
lintstar / LSTAR
View on GitHub
LSTAR - CobaltStrike 综合后渗透插件
☆1,266Jan 30, 2022Updated 4 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
lele8 / SharpUserIP
View on GitHub
获取服务器或域控登录日志
☆277Sep 8, 2023Updated 2 years ago
Aquilao / GoTokenTheft
View on GitHub
Token stealing tool written by Go. Bypass Kaspersky,Defender,Avira, etc./Go 编写的 Token 窃取工具。免杀卡巴、Defender、小红伞等杀软
☆189Jan 16, 2025Updated last year
hayasec / 360SafeBrowsergetpass
View on GitHub
这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具，用于节省红队工作量，通过下载浏览器数据库、记录密钥来离线解密浏览器密码。
☆638Apr 4, 2021Updated 5 years ago
9bie / sshdHooker
View on GitHub
One-click injection into the SSHD process to record and send the password for ssh login
☆426Mar 12, 2024Updated 2 years ago
novysodope / RMI_Inj_MemShell
View on GitHub
rmi打内存马工具，适用于目标用不了ldap的情况
☆254Jul 12, 2023Updated 2 years ago
passer-W / shc_bypass
View on GitHub
内存加载shellcode绕过waf
☆209Jul 25, 2022Updated 3 years ago
Ryze-T / cdb-wds
View on GitHub
利用白名单文件 cdb.exe 执行 shellcode
☆215Jun 29, 2022Updated 3 years ago
lengjibo / NetUser
View on GitHub
使用windows api添加用户，可用于net无法使用时.分为nim版，c++版本，RDI版，BOF版。
☆421Sep 29, 2021Updated 4 years ago
0x727 / SchTask_0x727
View on GitHub
创建隐藏计划任务，权限维持，Bypass AV
☆560Sep 1, 2021Updated 4 years ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
Peithon / JustC2file
View on GitHub
Burp插件，Malleable C2 Profiles生成器；可以通过Burp代理选中请求，生成Cobalt Strike的profile文件(CSprofile)
☆293Jan 15, 2022Updated 4 years ago
JDArmy / SharpXDecrypt
View on GitHub
Xshell全版本密码恢复工具
☆935Jun 8, 2023Updated 2 years ago
Adminisme / SharpRDPLog
View on GitHub
Windows rdp相关的登录记录导出工具，可用于后渗透中Windows服务器的信息收集阶段。输出内容包括：本地rdp端口、mstsc缓存、cmdkey缓存、登录成功、失败日志事件。
☆283Jun 23, 2024Updated last year
Ciyfly / microwaveo
View on GitHub
将dll exe 等转成shellcode 最后输出exe 可定制加载器模板支持白文件的捆绑 shellcode 加密
☆367Sep 8, 2022Updated 3 years ago
0671 / RedisModules-ExecuteCommand-for-Windows
View on GitHub
可在Windows下执行系统命令的Redis模块，可用于Redis主从复制攻击。
☆265Nov 25, 2022Updated 3 years ago
Wrin9 / weaverOA_sql_RCE
View on GitHub
泛微OA_V9全版本的SQL远程代码执行漏洞
☆157Apr 20, 2022Updated 3 years ago
Dr-S1x17 / NoNetCmdEcho-FileW.e
View on GitHub
应对渗透中极限环境下命令回显 & 文件落地
☆133Jul 1, 2022Updated 3 years ago
Tas9er / ByPassBehinder4J
View on GitHub
冰蝎Java WebShell自动化免杀生成
☆784Mar 15, 2022Updated 4 years ago
FunnyWolf / TFirewall
View on GitHub
防火墙出网探测工具,内网穿透型socks5代理
☆270Nov 12, 2021Updated 4 years ago
NordVPN Threat Protection Pro™ • Ad
Take your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
evilashz / SharpADUserIP
View on GitHub
提取DC日志，快速获取域用户对应IP地址
☆311Mar 21, 2022Updated 4 years ago
czz1233 / GBByPass
View on GitHub
冰蝎哥斯拉 WebShell bypass
☆765Jan 15, 2026Updated 2 months ago
safe6Sec / PentestDB
View on GitHub
各种数据库的利用姿势
☆1,034Jan 3, 2025Updated last year
safe6Sec / GolangBypassAV
View on GitHub
研究利用golang各种姿势bypassAV
☆818Apr 11, 2022Updated 3 years ago
uknowsec / SharpEventLog
View on GitHub
c# 读取登录过本机的登录失败或登录成功（4624，4625）的所有计算机信息，在内网渗透中快速定位运维管理人员。
☆206Oct 15, 2019Updated 6 years ago
SkewwG / domainTools
View on GitHub
内网域渗透小工具
☆732Apr 20, 2021Updated 4 years ago
evilashz / PigScheduleTask
View on GitHub
添加计划任务方法集合
☆310Aug 6, 2023Updated 2 years ago