danielbohannon / Out-FINcodedCommand
POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's stdin command invocation capabilities
☆102Updated 7 years ago
Related projects: ⓘ
- ☆85Updated this week
- ☆168Updated this week
- ☆80Updated this week
- Liniaal - A communication extension to Ruler☆96Updated 6 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆161Updated 7 years ago
- Python script for analyis of the "Trust.csv" file generated by Veil PowerView. Provides graph based analysis and output.☆116Updated 4 years ago
- A collection of files for adding and leveraging custom properties in BloodHound.☆181Updated 4 years ago
- Misc. PowerShell scripts☆115Updated 8 years ago
- ☆59Updated 5 years ago
- ☆76Updated this week
- Useful Threat Hunting Stuff☆31Updated 4 years ago
- IR-Tools - PowerShell tools for IR☆128Updated 7 years ago
- ☆84Updated this week
- ☆163Updated this week
- This is a simple parser for/decrypter for Impacket's esentutl.py utility. It assists with decrypting hashes and hash histories from ntds.…☆70Updated 7 years ago
- Generates anti-sandbox analysis HTA files without payloads☆118Updated 7 years ago
- Active Directory enumeration from non-domain system.☆116Updated 7 years ago
- Implementing Kerberoast attack fully in python☆72Updated 5 years ago
- ☆162Updated 9 years ago
- ☆97Updated 8 years ago
- ☆52Updated this week
- Conveigh is a Windows PowerShell LLMNR/NBNS spoofer detection tool☆91Updated 8 years ago
- Offensive Data Storage☆55Updated 8 years ago
- ☆110Updated this week
- ☆111Updated 7 years ago
- All the Power with no Shell☆36Updated 2 years ago
- ☆85Updated this week
- Powershell Persistence Locator☆66Updated 8 years ago
- Powershell Empire Persistence finder☆116Updated 7 years ago
- A collection of PowerShell Modules for BloodHound/Empire Orchestration☆104Updated 6 years ago