d3lb3 / KeeFarceReborn

Related projects: ⓘ

• CCob / Volumiser
  ☆327Updated last week
• ly4k / PassTheChallenge
  Recovering NTLM hashes from Credential Guard
  ☆326Updated last year
• Dec0ne / DavRelayUp
  DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …
  ☆509Updated last year
• deepinstinct / Lsass-Shtinkering
  ☆373Updated last year
• mandiant / msi-search
  ☆260Updated last year
• nettitude / Aladdin
  ☆216Updated 11 months ago
• mlcsec / FormThief
  Spoofing desktop login applications with WinForms and WPF
  ☆169Updated 7 months ago
• icyguider / LightsOut
  Generate an obfuscated DLL that will disable AMSI & ETW
  ☆312Updated 2 months ago
• Dec0ne / ShadowSpray
  A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…
  ☆441Updated last year
• med0x2e / NTLMRelay2Self
  An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).
  ☆389Updated 7 months ago
• S3cur3Th1sSh1t / Ruy-Lopez
  ☆290Updated last year
• dosxuz / DefenderStop
  Stop Defender Service using C# via Token Impersonation
  ☆171Updated 2 years ago
• 0xTriboulet / Revenant
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆367Updated last month
• xforcered / BokuLoader
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆316Updated 2 months ago
• winsecurity / Offensive-C-Sharp
  ☆159Updated last year
• georgesotiriadis / Chimera
  Automated DLL Sideloading Tool With EDR Evasion Capabilities
  ☆452Updated 9 months ago
• Octoberfest7 / MemFiles
  A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
  ☆418Updated 2 months ago
• mdsecactivebreach / Farmer
  ☆341Updated 3 years ago
• sensepost / impersonate
  A windows token impersonation tool
  ☆276Updated last year
• tothi / serviceDetector
  Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…
  ☆214Updated last year
• zblurx / dploot
  DPAPI looting remotely and locally in Python
  ☆406Updated last month
• Octoberfest7 / DNS_Tunneling
  DNS Tunneling using powershell to download and execute a payload. Works in CLM.
  ☆213Updated 2 years ago
• Luct0r / KerberOPSEC
  OPSEC safe Kerberoasting in C#
  ☆187Updated 2 years ago
• cube0x0 / SharpSystemTriggers
  Collection of remote authentication triggers in C#
  ☆449Updated 4 months ago
• pracsec / AmsiBypassHookManagedAPI
  A new AMSI Bypass technique using .NET ALI Call Hooking.
  ☆179Updated last year
• RedSiege / PersistAssist
  Fully modular persistence framework
  ☆249Updated last year
• S3cur3Th1sSh1t / SharpImpersonation
  A User Impersonation tool - via Token or Shellcode injection
  ☆397Updated 2 years ago
• notdodo / LocalAdminSharp
  .NET executable to use when dealing with privilege escalation on Windows to gain local administrator access
  ☆150Updated last year
• gh0x0st / wanderer
  An open-source process injection enumeration tool written in C#
  ☆165Updated last year
• deepinstinct / NoFilter
  ☆290Updated last year