cwolff411 / powerob
An on-the-fly Powershell script obfuscator meant for red team engagements. Built out of necessity.
☆141Updated 2 years ago
Related projects: ⓘ
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.☆140Updated 4 years ago
- Collection of cyphers for bloodhound☆141Updated 2 months ago
- ☆161Updated last year
- Run Rubeus via Rundll32☆193Updated 4 years ago
- Password attacks and MFA validation against various endpoints in Azure and Office 365☆148Updated last year
- Koppeling x Metatwin x LazySign☆200Updated 3 years ago
- ☆310Updated this week
- Aggrokatz is an aggressor plugin extension for Cobalt Strike which enables pypykatz to interface with the beacons remotely and allows it …☆156Updated 3 years ago
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆180Updated 3 years ago
- Bypassing AppLocker with C#☆136Updated 3 years ago
- Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows☆142Updated 4 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆230Updated 2 years ago
- Simple rapper for Mimikatz, bypass Defender☆139Updated 2 years ago
- ☆8Updated 3 years ago
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆121Updated 3 years ago
- Remotely enables Restricted Admin Mode☆202Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆229Updated 3 years ago
- Simple APPLocker bypass summary☆39Updated 5 years ago
- .NET implementation of Get-GPPPassword. Retrieves the plaintext password and other information for accounts pushed through Group Policy P…☆163Updated 4 years ago
- Modular Enumeration and Password Spraying Framework☆104Updated 5 months ago
- ☆88Updated 2 years ago
- Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.☆262Updated 4 months ago
- A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object☆219Updated 4 years ago
- ☆64Updated 4 years ago
- A little tool to convert ccache tickets into kirbi (KRB-CRED) and vice versa based on impacket.☆163Updated 2 years ago
- AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Co…☆208Updated 3 years ago
- Collection of awesome Cobalt Strike Aggressor Scripts. All credit due to the authors☆147Updated 5 years ago
- Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls…☆213Updated 3 years ago
- ☆69Updated 3 years ago