Script to decrypt / import chromium (edge/chrome) cookies
☆15Aug 1, 2023Updated 2 years ago
Alternatives and similar repositories for cloonie
Users that are interested in cloonie are comparing it to the libraries listed below
Sorting:
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated 11 months ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- Ansible role to deploy RedELK server☆19Sep 11, 2023Updated 2 years ago
- ☆29May 10, 2024Updated last year
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆29Jun 17, 2022Updated 3 years ago
- Repository to gather the BOF files I will be developing☆11Oct 1, 2024Updated last year
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆13Mar 17, 2022Updated 3 years ago
- My musings with C#☆28Dec 23, 2022Updated 3 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- Extract the Procedures (TTP) from CTI reports☆17Dec 13, 2025Updated 2 months ago
- Apply a filter to the events being reported by windows event logging☆15Sep 10, 2020Updated 5 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- Kibana app for RedELK☆18Mar 19, 2023Updated 2 years ago
- Files for http://blog.deniable.org/posts/windows-callbacks/☆12Jan 1, 2023Updated 3 years ago
- Change up a binary's embedded resources with this little creature.☆36Mar 24, 2020Updated 5 years ago
- Hide .Net assembly into png images☆36Aug 11, 2019Updated 6 years ago
- Convert binaries to shellcode (C, C#, CPP, ASM, BOF loader, PS to b64)☆18Jun 6, 2025Updated 9 months ago
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- Weaponizing CLRvoyance for Post-Ex .NET Execution☆38Jul 15, 2021Updated 4 years ago
- A C# stager for SILENTTRINITY (https://github.com/byt3bl33d3r/SILENTTRINITY)☆68Mar 6, 2020Updated 6 years ago
- Windows stuff☆16Feb 5, 2020Updated 6 years ago
- ☆16Nov 23, 2021Updated 4 years ago
- Get or remove RunMRU values☆61Dec 11, 2019Updated 6 years ago
- XDNR is a X0R Cryptor along with DEC/N0T/R0R encoder plus random byte insertion encoder, that generates null free encrypted and encoded s…☆17Jul 12, 2022Updated 3 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆107Mar 8, 2023Updated 3 years ago
- ☆44Oct 16, 2023Updated 2 years ago
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.☆16Jun 16, 2022Updated 3 years ago
- https://jimshaver.net/2018/02/22/net-over-net-breaking-the-boundaries-of-the-net-framework/☆19Feb 23, 2018Updated 8 years ago
- Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs☆125May 24, 2022Updated 3 years ago
- Ansible roles to deploy RedELK☆23Feb 15, 2023Updated 3 years ago
- Are you forwarding DNS traffic to another server for some reason, but want to make sure only queries for certain names are passed? Say no…☆20Oct 16, 2022Updated 3 years ago
- Vampire is an aggressor script which integrates with BloodHound to mark nodes as owned.☆79Apr 6, 2021Updated 4 years ago
- ☆20Dec 20, 2023Updated 2 years ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆28Sep 18, 2024Updated last year
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 2 years ago
- ☆128Jun 28, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 2 years ago
- ☆53Oct 20, 2020Updated 5 years ago