Docker projects to retain beacon source IPs using C2 relaying infra
☆11Feb 25, 2019Updated 7 years ago
Alternatives and similar repositories for cnc-relay
Users that are interested in cnc-relay are comparing it to the libraries listed below
Sorting:
- An Android wrapper for Arc☆11May 13, 2018Updated 7 years ago
- Fake SMB and SAMR data☆11Oct 27, 2019Updated 6 years ago
- Etwti-UnhookPOC just for test☆12Aug 23, 2022Updated 3 years ago
- A collection of scripts used to support an OffSecOps pipeline.☆15Jan 31, 2021Updated 5 years ago
- Dynamic Callbacks can be used for re-establishing communication with C2 infrastructure and for achieving persistence by using different m…☆15Oct 17, 2018Updated 7 years ago
- Capture screenshots from .NET using .NET methods or Windows API calls☆66Mar 9, 2020Updated 5 years ago
- donLoader is a shellcode loader creation tool that uses donut to convert executable payloads into shellcode to evade detection on disk.☆20Nov 24, 2021Updated 4 years ago
- A Couple of Python Scripts Leveraging MS365's GraphAPI to Send Custom Calendar Events / Emails from Cheap O365 Accounts☆18Apr 19, 2024Updated last year
- Powershell script to diff and patch binaries☆21Sep 1, 2022Updated 3 years ago
- just manipulatin these here tokens yes sir nothing weird☆22Apr 18, 2022Updated 3 years ago
- ☆20Apr 21, 2020Updated 5 years ago
- ☆18Dec 16, 2023Updated 2 years ago
- Inject Encrypted Commands Into EMF Shapes for C2 In VBA / Office Malware☆39Jul 10, 2020Updated 5 years ago
- A small example of loading BOFs in Python with pure reflection☆19Jan 26, 2023Updated 3 years ago
- Proof of concept communications from C# via a web browser process☆21Feb 15, 2019Updated 7 years ago
- Strstr with user-supplied needle and filename as a BOF.☆32Sep 27, 2021Updated 4 years ago
- Helper script for mangling CS payloads☆51May 5, 2019Updated 6 years ago
- ☆27Aug 8, 2021Updated 4 years ago
- 📡 A security research tool with shodan integration☆25Sep 6, 2018Updated 7 years ago
- Walking the PEB in VBA☆24Apr 6, 2020Updated 5 years ago
- leaking net-ntlm with webdav☆26Feb 23, 2021Updated 5 years ago
- ☆29May 10, 2024Updated last year
- A simple PE loader.☆27Dec 9, 2022Updated 3 years ago
- An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/ma…☆24Jun 17, 2020Updated 5 years ago
- Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry☆31Feb 11, 2021Updated 5 years ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- A python port of CCob's ThreadlessInject☆25Mar 18, 2023Updated 2 years ago
- A project to replicate the functionality of Noah Powers' ServerSetup script, but with error handling and fixed Namecheap API support.☆33Oct 1, 2021Updated 4 years ago
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- Tools for taking over Crestron Windows CE devices☆36Jul 11, 2022Updated 3 years ago
- An In-memory Embedding of CPython☆31May 24, 2021Updated 4 years ago
- Event Data Collector☆39Jan 12, 2026Updated last month
- My musings with C#☆28Dec 23, 2022Updated 3 years ago
- ☆12Apr 8, 2025Updated 10 months ago
- ☆10Apr 20, 2022Updated 3 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆36Nov 12, 2021Updated 4 years ago
- A small commented POC for removing API hooks placed by AV/EDR.☆34Jun 12, 2020Updated 5 years ago
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions☆38Mar 17, 2025Updated 11 months ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago