infosecn1nja / VeilTransferView external linksLinks
VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data exfiltration techniques used by advanced threat actors, allowing organizations to evaluate and improve their security posture.
☆152Dec 26, 2025Updated last month
Alternatives and similar repositories for VeilTransfer
Users that are interested in VeilTransfer are comparing it to the libraries listed below
Sorting:
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.☆46Jan 22, 2025Updated last year
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆534May 9, 2025Updated 9 months ago
- C2 infrastructure over Microsoft Teams.☆737Jan 15, 2025Updated last year
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆400Jul 23, 2025Updated 6 months ago
- ☆19Aug 26, 2020Updated 5 years ago
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆322Oct 12, 2025Updated 4 months ago
- ☆126Sep 1, 2024Updated last year
- ☆147Oct 29, 2024Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆212Jun 10, 2024Updated last year
- This repository contains detailed adversary simulation APT campaigns targeting various critical sectors. Each simulation includes custom …☆1,036Jan 11, 2026Updated last month
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Mar 27, 2025Updated 10 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆214Oct 19, 2024Updated last year
- Abusing Azure services over C2☆368Jan 20, 2026Updated 3 weeks ago
- ☆159Dec 13, 2024Updated last year
- ☆18Feb 29, 2024Updated last year
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆591Jun 12, 2024Updated last year
- Establishes persistence on a Linux system by creating a udev rule that triggers the execution of a specified payload (binary or script)☆147Aug 26, 2024Updated last year
- Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"☆146Aug 15, 2024Updated last year
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 3 months ago
- ScriptSentry finds misconfigured and dangerous logon scripts.☆622Dec 20, 2024Updated last year
- Various one-off pentesting projects written in Nim. Updates happen on a whim.☆162Jul 14, 2025Updated 7 months ago
- An Ansible role that install the Adaptix C2 server and/or client on Debian based hosts☆179May 28, 2025Updated 8 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆266Apr 8, 2025Updated 10 months ago
- Python implementation of GhostPack's Seatbelt situational awareness tool☆270Nov 12, 2024Updated last year
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel☆59Apr 13, 2025Updated 10 months ago
- ☆168Feb 29, 2024Updated last year
- PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph☆24Aug 2, 2025Updated 6 months ago
- ☆235Oct 8, 2024Updated last year
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆151Sep 21, 2024Updated last year
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆399Sep 26, 2024Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆194Nov 27, 2024Updated last year
- Because AV evasion should be easy.☆855Nov 28, 2024Updated last year
- Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data☆354Jan 8, 2026Updated last month
- Stage 0☆169Dec 18, 2024Updated last year
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …☆376Jan 23, 2025Updated last year
- AutoRMM is a collection of scripts and instructions we are organizing, to test delivery mechanisms for RMM and screen sharing tools, alo…☆92Aug 3, 2025Updated 6 months ago
- An interactive shell to spoof some LOLBins command line☆188Jan 27, 2024Updated 2 years ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆358Aug 11, 2024Updated last year