The goal of this project is to examine, reverse, and document the different modules available in the Equation Group's DanderSpritz post-exploitation framework leaked by the ShadowBrokers
☆335Jun 23, 2018Updated 7 years ago
Alternatives and similar repositories for DanderSpritz_docs
Users that are interested in DanderSpritz_docs are comparing it to the libraries listed below
Sorting:
- A fully functional DanderSpritz lab in 2 commands☆447May 16, 2019Updated 6 years ago
- Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg☆1,986Apr 14, 2017Updated 8 years ago
- HTTP/S Beaconing Implant☆311Aug 25, 2017Updated 8 years ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆34Nov 13, 2023Updated 2 years ago
- Domain fronting using Google app engine☆53Feb 19, 2018Updated 8 years ago
- Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.☆933Jun 1, 2021Updated 4 years ago
- A tool to create a JScript file which loads a .NET v2 assembly from memory.☆1,317Jan 18, 2021Updated 5 years ago
- Python / C# Unmanaged PowerShell based RAT☆771Mar 29, 2023Updated 2 years ago
- A Bring Your Own Land Toolkit that Doubles as a WMI Provider☆289Oct 31, 2018Updated 7 years ago
- A collection of PowerShell Modules for BloodHound/Empire Orchestration☆109Sep 26, 2017Updated 8 years ago
- Pcaps for PeddleCheap and implant communication + script for interpreting and decrypting pcaps.☆17Nov 29, 2017Updated 8 years ago
- Search for potential frontable domains☆644Mar 22, 2023Updated 2 years ago
- This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …☆842Jun 25, 2024Updated last year
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.☆321Jun 5, 2017Updated 8 years ago
- Encrypted exploit delivery for the masses☆270Sep 25, 2019Updated 6 years ago
- Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)☆760Jan 28, 2019Updated 7 years ago
- Encode powershell payload into bat files☆155Feb 1, 2018Updated 8 years ago
- PowerShell Empire Web Interface☆330May 20, 2023Updated 2 years ago
- Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS☆1,642Oct 11, 2018Updated 7 years ago
- Guides, Tools, Tips and such for working with the Shadow Brokers dumps☆237Dec 6, 2018Updated 7 years ago
- Executes PowerShell from an unmanaged process☆523Mar 17, 2016Updated 9 years ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,729Jan 16, 2026Updated last month
- Token Privilege Research☆872Sep 1, 2017Updated 8 years ago
- Excalibur is an Eternalblue exploit payload based "Powershell" for the Bashbunny project.☆134May 27, 2019Updated 6 years ago
- NCC Group's analysis and exploitation of CVE-2017-8759 along with further refinements☆95Sep 19, 2017Updated 8 years ago
- Search for categorized domain☆453Jan 15, 2019Updated 7 years ago
- Quick PoC I Wrote for Bypassing Next Gen AV Remotely for Pentesting☆41Feb 18, 2019Updated 7 years ago
- An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security☆341Jul 30, 2017Updated 8 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Aug 29, 2021Updated 4 years ago
- Powershell C2 Server and Implants☆575Nov 11, 2019Updated 6 years ago
- Meterpreter Paranoid Mode - SSL/TLS connections☆291May 14, 2019Updated 6 years ago
- Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.☆47Jun 5, 2017Updated 8 years ago
- Teaching old shellcode new tricks☆209Aug 1, 2017Updated 8 years ago
- Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources☆1,529Jun 30, 2023Updated 2 years ago
- Aggressor scripts I've made for Cobalt Strike☆413Jul 29, 2023Updated 2 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆168Jun 8, 2017Updated 8 years ago
- HTA encryption tool for RedTeams☆1,422Nov 9, 2022Updated 3 years ago
- PLASMA PULSAR☆70May 19, 2017Updated 8 years ago
- WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application cont…☆351Aug 27, 2018Updated 7 years ago