Open-source offensive security platform for conducting phishing campaigns that weaponizes iCalendar automatic event processing.
☆232Dec 18, 2025Updated 2 months ago
Alternatives and similar repositories for Tangled
Users that are interested in Tangled are comparing it to the libraries listed below
Sorting:
- CVE-2025-59501 POC code☆25Nov 20, 2025Updated 3 months ago
- ☆55May 31, 2025Updated 9 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 6 months ago
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆75Nov 6, 2025Updated 3 months ago
- ☆42Dec 24, 2025Updated 2 months ago
- Cobalt Strike BOF to freeze EDR/AV processes and dump LSASS using WerFaultSecure.exe PPL bypass☆115Jan 29, 2026Updated last month
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆93Jul 7, 2025Updated 7 months ago
- ProfileHound - BloodHound OpenGraph collector for user profiles stored on domain machines. Make informed decisions about looting secrets …☆154Jan 3, 2026Updated 2 months ago
- A Windows tool that converts LDIF files to BloodHound CE☆26Dec 20, 2025Updated 2 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆60Jan 5, 2026Updated last month
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆89Jan 2, 2026Updated 2 months ago
- Using Chromium-based browsers as a proxy for C2 traffic.☆146Dec 6, 2025Updated 2 months ago
- ☆75Jan 1, 2026Updated 2 months ago
- Installing wazuh SIEM Unified XDR and SIEM protection☆33Jun 3, 2025Updated 9 months ago
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection☆71Dec 26, 2025Updated 2 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆275Jul 1, 2025Updated 8 months ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆121Jul 11, 2025Updated 7 months ago
- ☆85May 15, 2025Updated 9 months ago
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆68Feb 3, 2026Updated last month
- A stager and implant that executes remote Web Assembly☆37Feb 4, 2026Updated 3 weeks ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆101Jan 10, 2026Updated last month
- ☆139Jan 16, 2025Updated last year
- Built for red teamers, by red teamers - an MCP tool for malware development, OPSEC testing, and supporting custom loader design during re…☆43Aug 10, 2025Updated 6 months ago
- Ludus role for deploying a Mythic Teamserver onto Linux servers☆23Mar 16, 2025Updated 11 months ago
- A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.☆16Jul 15, 2025Updated 7 months ago
- .NET assembly loader with patchless AMSI and ETW bypass☆368Apr 19, 2023Updated 2 years ago
- ☆27Aug 8, 2021Updated 4 years ago
- AppLocker-Based EDR Neutralization☆321Dec 19, 2025Updated 2 months ago
- Rust-powered HTTP Request Smuggling Scanner.☆104Feb 23, 2026Updated last week
- A short scraper looking for a POC of CVE-2024-49112☆14Dec 16, 2024Updated last year
- Apply a filter to the events being reported by windows event logging☆15Sep 10, 2020Updated 5 years ago
- Automated Cloud Misconfiguration Testing☆22Jun 20, 2025Updated 8 months ago
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago
- ☆38Apr 15, 2025Updated 10 months ago
- Obex – Blocking unwanted DLLs in user mode☆281Sep 18, 2025Updated 5 months ago
- EDR-Redir : a tool used to redirect the EDR's folder to another location.☆222Nov 6, 2025Updated 3 months ago
- Serverless AITM Simulation Framework for Entra ID and M365☆213Dec 29, 2025Updated 2 months ago
- Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.☆274May 2, 2025Updated 10 months ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…☆62May 16, 2025Updated 9 months ago