emcghee / PayloadAutomation

Related projects ⓘ

Alternatives and complementary repositories for PayloadAutomation

• snovvcrash / OffensivePipeline
  OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.
  ☆90Updated 2 years ago
• Crypt0s / DelegationBOF
  ☆138Updated 2 years ago
• fortalice / pyldapsearch
  Tool for issuing manual LDAP queries which offers bofhound compatible output
  ☆48Updated 5 months ago
• bitsadmin / chophound
  Some scripts to support with importing large datasets into BloodHound
  ☆78Updated 11 months ago
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆53Updated 2 years ago
• G0ldenGunSec / GetWebDAVStatus
  Determine if the WebClient Service (WebDAV) is running on a remote system
  ☆123Updated 8 months ago
• 0xe7 / RoastInTheMiddle
  ☆68Updated last year
• CodeXTF2 / PyHmmm
  Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …
  ☆80Updated last year
• ChoiSG / OneDriveUpdaterSideloading
  Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
  ☆86Updated 2 years ago
• Octoberfest7 / Presentations
  Slide decks and/or materials from conference presentations
  ☆54Updated 2 years ago
• mlcsec / ASRenum-BOF
  Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
  ☆138Updated 8 months ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• S4ntiagoP / donut
  Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…
  ☆110Updated last year
• n00py / GetFGPP
  Get Fine Grained Password Policy
  ☆65Updated 6 months ago
• kymb0 / Stealth_shellcode_runners
  ☆54Updated 8 months ago
• 0xthirteen / AssemblyHunter
  Find .net assemblies locally
  ☆92Updated 2 years ago
• nopbrick / SeeProxy
  Golang reverse proxy with CobaltStrike malleable profile validation.
  ☆110Updated last year
• csandker / pxethiefy
  ☆36Updated last month
• sensepost / thumbscr-ews
  Exchangelib wrapper for pentesting
  ☆56Updated 5 months ago
• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆77Updated last year
• jfmaes / SharpLNKGen-UI
  UI for creating LNKs
  ☆96Updated 3 years ago
• wotwot563 / aad_prt_bof
  ☆74Updated 7 months ago
• Wh04m1001 / DiagTrackEoP
  ☆89Updated 2 years ago
• S3cur3Th1sSh1t / NamedPipePTH
  Pass the Hash to a named pipe for token Impersonation
  ☆140Updated 3 years ago
• Nariod / laz-y
  Automating payload generation for OSEP labs and exam.
  ☆34Updated 2 years ago
• X-C3LL / SharpNTLMRawUnHide
  C# version of NTLMRawUnHide
  ☆72Updated 2 years ago
• njcve / inflate.py
  Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.
  ☆118Updated 2 years ago
• lkarlslund / hashmuncher
  Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later
  ☆89Updated last year
• praetorian-inc / ADFSRelay
  Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS
  ☆173Updated 2 years ago