cwolff411 / powerob
An on-the-fly Powershell script obfuscator meant for red team engagements. Built out of necessity.
☆141Updated 3 years ago
Alternatives and similar repositories for powerob:
Users that are interested in powerob are comparing it to the libraries listed below
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.☆145Updated 4 years ago
- ☆162Updated 2 years ago
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆183Updated 3 years ago
- Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows☆143Updated 4 years ago
- Collection of cyphers for bloodhound☆148Updated 8 months ago
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆123Updated 3 years ago
- ☆92Updated 2 years ago
- Run Rubeus via Rundll32☆199Updated 4 years ago
- Remotely enables Restricted Admin Mode☆208Updated 3 years ago
- .NET implementation of Get-GPPPassword. Retrieves the plaintext password and other information for accounts pushed through Group Policy P…☆171Updated 5 years ago
- ☆9Updated 3 years ago
- Password attacks and MFA validation against various endpoints in Azure and Office 365☆152Updated 2 years ago
- Simple APPLocker bypass summary☆41Updated 6 years ago
- ☆129Updated 4 years ago
- Aggrokatz is an aggressor plugin extension for Cobalt Strike which enables pypykatz to interface with the beacons remotely and allows it …☆157Updated 3 years ago
- Recon-AD, an AD recon tool based on ADSI and reflective DLL’s☆323Updated 5 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆248Updated 4 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆240Updated 3 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆191Updated 3 years ago
- A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object☆234Updated 4 years ago
- Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls…☆217Updated 4 years ago
- SPF are not as strong as you may think. Red Team tool to send email on behalf of your target corp☆138Updated 4 years ago
- Spray a hash via smb to check for local administrator access☆139Updated 4 years ago
- Collection of awesome Cobalt Strike Aggressor Scripts. All credit due to the authors☆152Updated 6 years ago
- AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Co…☆216Updated 4 years ago
- A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…☆268Updated last year
- Source for tasks I have used with Covenant☆120Updated 4 years ago
- A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from …☆84Updated 4 years ago
- This is a PowerShell Empire launcher PoC using PrintDemon and Faxhell.☆200Updated 4 years ago
- ☆365Updated 3 years ago