The goal of this project is to examine, reverse, and document the different modules available in the Equation Group's DanderSpritz post-exploitation framework leaked by the ShadowBrokers
☆334Jun 23, 2018Updated 7 years ago
Alternatives and similar repositories for DanderSpritz_docs
Users that are interested in DanderSpritz_docs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A fully functional DanderSpritz lab in 2 commands☆448May 16, 2019Updated 6 years ago
- Getting Envisioncollision to actually work.☆15Oct 19, 2017Updated 8 years ago
- Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg☆1,989Apr 14, 2017Updated 8 years ago
- 完整版:the purported Equation Group(NSA下属) hack by the Shadow Brokers(影子经纪人)--234MB☆18Jan 25, 2018Updated 8 years ago
- Domain fronting using Google app engine☆53Feb 19, 2018Updated 8 years ago
- Pcaps for PeddleCheap and implant communication + script for interpreting and decrypting pcaps.☆17Nov 29, 2017Updated 8 years ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆34Nov 13, 2023Updated 2 years ago
- A tool to create a JScript file which loads a .NET v2 assembly from memory.☆1,318Jan 18, 2021Updated 5 years ago
- Encrypted exploit delivery for the masses☆271Sep 25, 2019Updated 6 years ago
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.☆321Jun 5, 2017Updated 8 years ago
- shadowbroker SMB exploit scanner. Scans for ETERNALSYNERGY ETERNALBLUE ETERNALROMANCE ETHERNALCHAMPION☆41May 19, 2017Updated 8 years ago
- HTTP/S Beaconing Implant☆311Aug 25, 2017Updated 8 years ago
- Eternalblue & DoublePulsar scanner☆26Jun 9, 2017Updated 8 years ago
- Guides, Tools, Tips and such for working with the Shadow Brokers dumps☆239Dec 6, 2018Updated 7 years ago
- Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS☆1,649Oct 11, 2018Updated 7 years ago
- Python / C# Unmanaged PowerShell based RAT☆771Mar 29, 2023Updated 2 years ago
- Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.☆933Jun 1, 2021Updated 4 years ago
- NCC Group's analysis and exploitation of CVE-2017-8759 along with further refinements☆95Sep 19, 2017Updated 8 years ago
- Aggressor scripts I've made for Cobalt Strike☆412Jul 29, 2023Updated 2 years ago
- This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …☆844Jun 25, 2024Updated last year
- Search for potential frontable domains☆643Mar 22, 2023Updated 3 years ago
- A Bring Your Own Land Toolkit that Doubles as a WMI Provider☆289Oct 31, 2018Updated 7 years ago
- An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security☆341Jul 30, 2017Updated 8 years ago
- Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.☆47Jun 5, 2017Updated 8 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Aug 29, 2021Updated 4 years ago
- Excalibur is an Eternalblue exploit payload based "Powershell" for the Bashbunny project.☆134May 27, 2019Updated 6 years ago
- A collection of PowerShell Modules for BloodHound/Empire Orchestration☆110Sep 26, 2017Updated 8 years ago
- Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)☆761Jan 28, 2019Updated 7 years ago
- Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources☆1,529Jun 30, 2023Updated 2 years ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,740Jan 16, 2026Updated 2 months ago
- The ORIGINAL decrypted copies of the Shadow Broker's equation_drug release. Contains Equation group's espionage DLL implants library. Use…☆26Jan 29, 2018Updated 8 years ago
- POC of code that downloads and executes shellcode in memory.☆80May 25, 2014Updated 11 years ago
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- Teaching old shellcode new tricks☆209Aug 1, 2017Updated 8 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,008Jun 4, 2024Updated last year
- Encode powershell payload into bat files☆155Feb 1, 2018Updated 8 years ago
- CACTUSTORCH: Payload Generation for Adversary Simulations☆1,015Jul 3, 2018Updated 7 years ago
- Meterpreter Paranoid Mode - SSL/TLS connections☆291May 14, 2019Updated 6 years ago
- Zerokit/GAPZ rootkit (non buildable and only for researching)☆185Mar 30, 2019Updated 6 years ago