idfp / lnk-builderLinks
Malicious shortcut file builder for spear-phishing and red-team engagement.
☆16Updated 2 years ago
Alternatives and similar repositories for lnk-builder
Users that are interested in lnk-builder are comparing it to the libraries listed below
Sorting:
- Terminate AV/EDR leveraging BYOVD attack☆101Updated 7 months ago
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke☆84Updated 2 years ago
- A C# port from Invoke-GhostTask☆118Updated last year
- Run Cobalt Strike BOFs in Brute Ratel C4!☆79Updated 6 months ago
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution☆51Updated last year
- ☆91Updated last year
- A collection of (even more) alternative shellcode callback methods in CSharp☆77Updated last year
- .bin file to shellcode convertor☆38Updated last year
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆120Updated 2 years ago
- Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …☆83Updated 2 years ago
- ☆57Updated last year
- C# havoc implant☆101Updated 2 years ago
- ☆122Updated 2 years ago
- ☆109Updated 8 months ago
- Encode shellcode into dictionary words for evasion and entropy reduction☆32Updated 11 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆43Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆102Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆157Updated last year
- Winsocket for Cobalt Strike.☆100Updated 2 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆85Updated 2 years ago
- Null-free shellcode for TCP reverse shell on Windows x64☆58Updated last year
- a C# implementation for a shellcode loader that capable to bypass Cortex XDR and Sophos EDR.☆89Updated 5 months ago
- ☆128Updated 2 years ago
- Python3 HTTP Server with upload functionality☆16Updated last year
- ProcExp Driver (Ab)use☆22Updated 2 years ago
- ☆92Updated 2 years ago
- Tool to bypass LSA Protection (aka Protected Process Light)☆60Updated 9 months ago
- C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)☆59Updated 2 years ago
- ☆72Updated last year
- Good CLR Host with Native patchless AMSI Bypass☆95Updated 6 months ago