This script runs multithreading module that connects to a remote TCP server, monitors active (opened) Microsoft Word documents (.doc,.docx,etc') and extracting their text using Word application's COM Object. The script adds HKCU registry (no admin needed) Run key, so this script runs persistently.
☆33Jul 24, 2020Updated 5 years ago
Alternatives and similar repositories for Invoke-WordThief
Users that are interested in Invoke-WordThief are comparing it to the libraries listed below
Sorting:
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Feb 4, 2022Updated 4 years ago
- Iterative AD discovery toolkit for offensive operations☆85Mar 16, 2020Updated 5 years ago
- Build a phishing server (Gophish) together with SMTP-redirector (Postfix) automatically in Digital Ocean with terraform and ansible..☆20Jul 7, 2021Updated 4 years ago
- ☆22May 29, 2020Updated 5 years ago
- Bash script to take the powerkatz.dll files, encode them using base64 and then replace the old binaries with the new in the Invoke-Mimika…☆16Oct 8, 2016Updated 9 years ago
- Finding SSL Blindspots for Red Teams☆34Jul 28, 2020Updated 5 years ago
- Smuggle a file to a user's browser☆20Apr 16, 2022Updated 3 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Apr 21, 2021Updated 4 years ago
- C# port of LogServiceCrash☆46Oct 7, 2020Updated 5 years ago
- CloudFlare Worker Shell☆14Aug 29, 2020Updated 5 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆51Aug 15, 2019Updated 6 years ago
- MiniDumpWriteDump behavior modification hook☆50Feb 15, 2021Updated 5 years ago
- A PowerShell script to prevent Sysmon from writing its events☆16Apr 23, 2020Updated 5 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆79Feb 27, 2020Updated 6 years ago
- Evil snippets of Underhanded Red Team tactics☆11Jul 5, 2017Updated 8 years ago
- ☆20Nov 1, 2022Updated 3 years ago
- Ansible role to install Cobalt Strike and optionally configure as Teamserver☆33Mar 17, 2021Updated 4 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆31Feb 26, 2024Updated 2 years ago
- Spin up RedTeam infrastructure on AWS via Ansible☆64Aug 25, 2020Updated 5 years ago
- ☆113Aug 5, 2020Updated 5 years ago
- Ansible role to configure redirectors for red team C2☆30Nov 12, 2018Updated 7 years ago
- A tool for leveraging elevated acess over a computer to boot the computer into Windows Safe Mode, alter settings, and then boot back into…☆16Nov 6, 2021Updated 4 years ago
- Templating with sinister modules☆16Jun 20, 2023Updated 2 years ago
- AV Bypass☆29Jan 12, 2018Updated 8 years ago
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- Visual Studio (C++) Solution Template for Payloads☆18Oct 30, 2019Updated 6 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Nov 14, 2020Updated 5 years ago
- Sleep obfuscation for shellcode implants and their reflective shit☆53Sep 19, 2023Updated 2 years ago
- OSSEM Modular☆27Jun 29, 2020Updated 5 years ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆34Nov 13, 2023Updated 2 years ago
- Hide cool stuff in images :)☆147Aug 9, 2020Updated 5 years ago
- ☆64Jan 17, 2026Updated last month
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 2 years ago
- Petaq - Purple Team Command & Control Server☆105Dec 8, 2022Updated 3 years ago
- A C# tool to search through a running instance of Outlook for keywords☆111Jan 14, 2021Updated 5 years ago
- Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows☆143Jul 11, 2020Updated 5 years ago