hackvens / CoercedPotato

Related projects: ⓘ

• Ridter / atexec-pro
  Fileless atexec, no more need for port 445
  ☆320Updated 5 months ago
• wh0amitz / S4UTomato
  Escalate Service Account To LocalSystem via Kerberos
  ☆387Updated last year
• fin3ss3g0d / ASPJinjaObfuscator
  Heavily obfuscated ASP web shell generation tool.
  ☆158Updated 4 months ago
• crisprss / RasmanPotato
  Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
  ☆365Updated last year
• WKL-Sec / Malleable-CS-Profiles
  A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
  ☆355Updated 6 months ago
• Prepouce / CoercedPotato
  A Windows potato to privesc
  ☆336Updated 3 weeks ago
• N1k0la-T / CVE-2023-36745
  ☆163Updated 10 months ago
• EvilGreys / Cobalt-Strike-Profiles-for-EDR-Evasion
  ☆161Updated this week
• mertdas / SharpIncrease
  A Tool that aims to evade av with binary padding
  ☆113Updated 2 months ago
• mertdas / SharpTerminator
  Terminate AV/EDR Processes using kernel driver
  ☆306Updated last year
• senzee1984 / micr0_shell
  micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.
  ☆147Updated last month
• NVISOsecurity / CVE-2024-26229-BOF
  ☆205Updated this week
• Workingdaturah / Payload-Generator
  An aggressor script that can help automate payload building in Cobalt Strike
  ☆107Updated 7 months ago
• mertdas / RedPersist
  ☆213Updated 6 months ago
• 0xEr3bus / RdpStrike
  Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
  ☆224Updated 3 months ago
• EvilGreys / Hide-CobaltStrike
  ☆144Updated this week
• BishopFox / CVE-2023-3519
  RCE exploit for CVE-2023-3519
  ☆218Updated last year
• tylerdotrar / SigmaPotato
  SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s…
  ☆217Updated 4 months ago
• EvilBytecode / EDR-XDR-AV-Killer
  Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
  ☆228Updated 2 months ago
• senzee1984 / EDRPrison
  Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
  ☆269Updated last month
• MzHmO / LeakedWallpaper
  Leak of any user's NetNTLM hash. Fixed in KB5040434
  ☆214Updated last month
• wh0amitz / BypassCredGuard
  Credential Guard Bypass Via Patching Wdigest Memory
  ☆304Updated last year
• testanull / MS-SharePoint-July-Patch-RCE-PoC
  ☆116Updated 2 months ago
• XiaoliChan / RedCaddy
  C2 redirector base on caddy
  ☆190Updated 3 months ago
• YOLOP0wn / POSTDump
  ☆310Updated 10 months ago
• Zerx0r / dvenom
  🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.
  ☆155Updated last year
• sinsinology / CVE-2023-20887
  VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)
  ☆231Updated last year
• f1zm0 / hades
  Go shellcode loader that combines multiple evasion techniques
  ☆337Updated last year
• antonioCoco / SspiUacBypass
  Bypassing UAC with SSPI Datagram Contexts
  ☆335Updated 11 months ago
• wh0amitz / KRBUACBypass
  UAC Bypass By Abusing Kerberos Tickets
  ☆469Updated last year