A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics
☆88Oct 6, 2017Updated 8 years ago
Alternatives and similar repositories for WMI_Persistence
Users that are interested in WMI_Persistence are comparing it to the libraries listed below
Sorting:
- Fileless SQL Server CLR-based Custom Stored Procedure Command Execution☆35Mar 6, 2017Updated 8 years ago
- HTTP/S Beaconing Implant☆311Aug 25, 2017Updated 8 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆633Jun 20, 2017Updated 8 years ago
- This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …☆842Jun 25, 2024Updated last year
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆168Jun 8, 2017Updated 8 years ago
- Evil snippets of Underhanded Red Team tactics☆11Jul 5, 2017Updated 8 years ago
- Currently not updated for WMIEvent module...☆262Feb 23, 2016Updated 10 years ago
- Powershell module to assist in attacking Exchange/Outlook Web Access☆182Sep 22, 2016Updated 9 years ago
- This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.☆388Jun 25, 2024Updated last year
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- Burp plugin that clusters responses to show an overview of received responses☆15Jun 7, 2019Updated 6 years ago
- Port of eternal blue exploits to powershell☆151Jun 3, 2017Updated 8 years ago
- ☆26May 7, 2016Updated 9 years ago
- Cobalt Strike SCT payload obfuscator☆143Jul 7, 2017Updated 8 years ago
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.☆321Jun 5, 2017Updated 8 years ago
- Remote Recon and Collection☆459Nov 23, 2017Updated 8 years ago
- ☆52Sep 17, 2018Updated 7 years ago
- Miscellaneous C-Sharp projects for red team activities☆24Aug 12, 2022Updated 3 years ago
- JavaScript Reversed TCP Meterpreter Stager☆138May 25, 2017Updated 8 years ago
- PowerShell Scripts focused on Post-Exploitation Capabilities☆319Dec 29, 2017Updated 8 years ago
- morphHTA - Morphing Cobalt Strike's evil.HTA☆526Apr 14, 2023Updated 2 years ago
- PowerView menu for Cobalt Strike☆70Mar 22, 2018Updated 7 years ago
- Python script to decode common encoded PowerShell scripts☆217Jun 13, 2018Updated 7 years ago
- Network Mapping and Enumeration Framework☆22Nov 11, 2015Updated 10 years ago
- C# Targeted Attack Reconnissance Tools☆120Jan 11, 2021Updated 5 years ago
- Monitor JSON notifications feed from VT☆17Jun 13, 2017Updated 8 years ago
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.☆37Sep 19, 2017Updated 8 years ago
- Forward local or remote tcp ports through SMB pipes.☆296Mar 7, 2021Updated 4 years ago
- A collection of useful scripts for Cobalt Strike☆172Aug 15, 2024Updated last year
- Automated forensics written in PowerShell☆34Sep 29, 2019Updated 6 years ago
- NMAP NSE that enumerates VNC authentication types☆17Dec 21, 2010Updated 15 years ago
- IR-Tools - PowerShell tools for IR☆130Jul 10, 2017Updated 8 years ago
- ObfuscatedEmpire is a fork of Empire with Invoke-Obfuscation integrated directly into it's functionality.☆231Nov 17, 2017Updated 8 years ago
- How To Execute Shellcode via HTA☆141Feb 23, 2018Updated 8 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…☆105Jul 2, 2017Updated 8 years ago
- ☆80Sep 27, 2015Updated 10 years ago
- CScriptShell, a Powershell Host running within cscript.exe☆163Apr 11, 2017Updated 8 years ago
- A set of demos and a PowerShell module to interact with DotNetInterop.☆69Apr 7, 2018Updated 7 years ago
- ☆84May 19, 2015Updated 10 years ago