crisprss / BypassUserAdd
通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化
☆335Updated 2 years ago
Alternatives and similar repositories for BypassUserAdd:
Users that are interested in BypassUserAdd are comparing it to the libraries listed below
- 自己开的cs插件☆242Updated 2 years ago
- 添加计划任务方法集合☆261Updated last year
- 远程shellcode加载&权限维持+小功能☆293Updated 9 months ago
- 提取DC日志,快速获取域用户对应IP地址☆297Updated 2 years ago
- 内网渗透|红队工具|C#内存加载|cobaltstrike☆297Updated 2 years ago
- Burp插件,Malleable C2 Profiles生成器;可以通过Burp代理选中请求,生成Cobalt Strike的profile文件(CSprofile)☆274Updated 3 years ago
- Modifying JuicyPotato to support load shellcode and webshell☆190Updated 3 years ago
- Cobalt Strike 二开项目☆181Updated 2 years ago
- ☆154Updated 8 months ago
- Mssql利用工具☆262Updated last year
- vhost password decrypt☆240Updated 4 months ago
- 获取服务器或域控登录日志☆272Updated last year
- ☆336Updated 2 years ago
- RPC远程主机信息匿名扫描工具☆314Updated 2 years ago
- Exchange 服务器安全性的辅助测试工具☆315Updated last year
- A tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations M…☆204Updated 3 years ago
- 一款可以过国内所有杀软可以过云查杀的shellcode loader☆145Updated 2 years ago
- 远程创建任务计划工具☆183Updated 2 years ago
- EDR绕过demo☆288Updated last year
- 基于Golang实现的Shellcode内存加载器,共实现3中内存加载shellcode方式,UUID加载,MAC加载和IPv4加载,目前能过主流杀软(包括Windows Defender)☆254Updated 3 years ago
- 关于RPC一些绕EDR的tips☆163Updated last year
- CS免杀加载器☆143Updated 3 years ago
- 使用多种WinAPI进行权限维持的CobaltStrike脚本,包含API设置系统服务,设置计划任务,管理用户等。☆537Updated 3 years ago
- ☆145Updated last year
- 基于 OPSEC 的 CobaltStrike 后渗透自动化链☆422Updated 11 months ago
- 重构了Cobaltstrike Beacon,行为对国内主流杀软免杀,支持4.1以上的版本。 A cobaltstrike Beacon bypass anti-virus, supports 4.1+ version.☆285Updated 2 years ago
- nim一键免杀☆212Updated 3 years ago
- Generate DLL Hijacking Payload in batches.☆123Updated 6 months ago
- 一款OutLook信息收集工具☆235Updated last year
- Memshell☆269Updated 3 years ago