ice-wzl / wmiexec2Links
wmiexec2.0 is the same wmiexec that everyone knows and loves (debatable). This 2.0 version is obfuscated to avoid well known signatures from various AV engines. It also has a handful of additional built in modules to help automate some common tasks on Red team engagements.
☆34Updated 11 months ago
Alternatives and similar repositories for wmiexec2
Users that are interested in wmiexec2 are comparing it to the libraries listed below
Sorting:
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke☆77Updated 2 years ago
- ☆88Updated last year
- ☆87Updated 2 years ago
- Repository of scripts from my blog post on bypassing the YARA rule Windows_Trojan_CobaltStrike_f0b627fc by generating alternative shellco…☆39Updated 7 months ago
- ☆99Updated last year
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆39Updated last year
- ☆80Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆94Updated last year
- Winsocket for Cobalt Strike.☆98Updated last year
- Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …☆84Updated 2 years ago
- ☆71Updated last year
- Library of BOFs to interact with SQL servers☆171Updated last month
- C# havoc implant☆99Updated 2 years ago
- ☆96Updated 9 months ago
- Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…☆134Updated 3 years ago
- Terminate AV/EDR leveraging BYOVD attack☆87Updated 2 months ago
- Fuegoshell is a powershell oneliner generator for Windows remote shell re-using TCP 445☆45Updated last year
- Execute commands in other Sessions☆88Updated 10 months ago
- A C# port from Invoke-GhostTask☆117Updated last year
- A collection of (even more) alternative shellcode callback methods in CSharp☆74Updated 7 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆155Updated last year
- Tool to bypass LSA Protection (aka Protected Process Light)☆53Updated 5 months ago
- Simple LSASS Dumper created using C++ as an alternative to using Mimikatz memory dumper☆55Updated last year
- .bin file to shellcode convertor☆37Updated 10 months ago
- Null-free shellcode for TCP reverse shell on Windows x64☆56Updated last year
- ☆44Updated last month
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆119Updated 2 years ago
- ☆158Updated 2 years ago
- Aggressor script add-in for CobaltStrike to track file uploads☆36Updated 2 years ago
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆82Updated last month