eladshamir / RPC-Backdoor

Related projects ⓘ

Alternatives and complementary repositories for RPC-Backdoor

• NVISOsecurity / CobaltWhispers
  CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…
  ☆227Updated last year
• xpn / ntlmquic
  POC tools for exploring SMB over QUIC protocol
  ☆121Updated 2 years ago
• rsmudge / unhook-bof
  Remove API hooks from a Beacon process.
  ☆262Updated 3 years ago
• waldo-irc / YouMayPasser
  You shall pass
  ☆249Updated 2 years ago
• FalconForceTeam / BOF2shellcode
  POC tool to convert CobaltStrike BOF files to raw shellcode
  ☆173Updated 3 years ago
• EspressoCake / Self_Deletion_BOF
  BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs
  ☆169Updated 3 years ago
• EspressoCake / DLL-Hijack-Search-Order-BOF
  DLL Hijack Search Order Enumeration BOF
  ☆141Updated 3 years ago
• evilashz / CheeseOunce
  Coerce Windows machines auth via MS-EVEN
  ☆153Updated 10 months ago
• mdsecactivebreach / DragonCastle
  A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
  ☆292Updated 2 years ago
• Sh0ckFR / InlineWhispers2
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
  ☆178Updated 2 years ago
• hrtywhy / BOF-CobaltStrike
  Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.
  ☆76Updated 2 years ago
• EspressoCake / Defender_Exclusions-BOF
  A BOF to determine Windows Defender exclusions.
  ☆240Updated last year
• N4kedTurtle / PersistBOF
  A BOF to automate common persistence tasks for red teamers
  ☆266Updated last year
• paranoidninja / PIC-Get-Privileges
  Building and Executing Position Independent Shellcode from Object Files in Memory
  ☆153Updated 3 years ago
• Kudaes / Dumpy
  Reuse open handles to dynamically dump LSASS.
  ☆234Updated 7 months ago
• xenoscr / SysWhispers2
  AV/EDR evasion via direct system calls.
  ☆106Updated 11 months ago
• nettitude / RunOF
  ☆139Updated last year
• kyleavery / TitanLdr
  Cobalt Strike User Defined Reflective Loader (UDRL). Check branches for different functionality.
  ☆134Updated 2 years ago
• mlcsec / ASRenum-BOF
  Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
  ☆138Updated 8 months ago
• praetorian-inc / ADFSRelay
  Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS
  ☆173Updated 2 years ago
• klezVirus / NimlineWhispers3
  A tool for converting SysWhispers3 syscalls for use with Nim projects
  ☆138Updated 2 years ago
• RedTeamOperations / Journey-to-McAfee
  ☆112Updated 2 years ago
• Wh04m1001 / DiagTrackEoP
  ☆89Updated 2 years ago
• Wh04m1001 / SysmonEoP
  ☆181Updated last year
• S3cur3Th1sSh1t / SharpNamedPipePTH
  Pass the Hash to a named pipe for token Impersonation
  ☆294Updated 11 months ago
• nettitude / ETWHash
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆250Updated last year