it-gorillaz / lnk2pwnView external linksLinks
Malicious Shortcut(.lnk) Generator
☆201Nov 23, 2018Updated 7 years ago
Alternatives and similar repositories for lnk2pwn
Users that are interested in lnk2pwn are comparing it to the libraries listed below
Sorting:
- Malicious Shortcut(.lnk) Generator☆86Nov 23, 2018Updated 7 years ago
- ☆715Mar 22, 2024Updated last year
- malleable profile generator GUI for Havoc☆55Apr 28, 2023Updated 2 years ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆1,083Jun 10, 2024Updated last year
- Generates malicious LNK file payloads for data exfiltration☆442Aug 21, 2017Updated 8 years ago
- A light-weight first-stage C2 implant written in Nim (and Rust).☆933Mar 28, 2025Updated 10 months ago
- Performing Indirect Clean Syscalls☆603Apr 19, 2023Updated 2 years ago
- Dumping DPAPI credz remotely☆1,318Mar 24, 2025Updated 10 months ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆1,470Aug 18, 2023Updated 2 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,364Oct 27, 2023Updated 2 years ago
- DPAPI looting remotely and locally in Python☆540Oct 7, 2025Updated 4 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆772Jan 26, 2026Updated 2 weeks ago
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind☆482Jul 12, 2023Updated 2 years ago
- Creates a .lnk file with unicode chars that reverse the file extension and adds a .txt to the end to make it appear as a textfile. Paylo…☆115Dec 19, 2020Updated 5 years ago
- This repo contains some Amsi Bypass methods i found on different Blog Posts.☆2,127Nov 28, 2024Updated last year
- ☆1,529Aug 11, 2023Updated 2 years ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆698May 7, 2025Updated 9 months ago
- Havoc C2 profile generator☆101Jul 15, 2025Updated 7 months ago
- AV/EDR evasion via direct system calls.☆1,789Sep 3, 2022Updated 3 years ago
- DLL sideloading/proxying with Nim!☆175Dec 4, 2022Updated 3 years ago
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,369Oct 22, 2025Updated 3 months ago
- Beacon Object File Loader☆294Dec 3, 2023Updated 2 years ago
- Syscall Shellcode Loader (Work in Progress)☆1,255May 8, 2024Updated last year
- Your template-based BloodHound terminal companion tool☆446Jan 21, 2026Updated 3 weeks ago
- HVNC for Cobalt Strike☆1,297Dec 7, 2023Updated 2 years ago
- PowerShell rebuilt in C# for Red Teaming purposes☆1,051Jan 27, 2026Updated 2 weeks ago
- A C2 post-exploitation framework☆483Jan 24, 2024Updated 2 years ago
- A tool to query for the existence of pre-windows 2000 computer objects.☆366Dec 23, 2025Updated last month
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆260Nov 22, 2025Updated 2 months ago
- A tool to kill antimalware protected processes☆1,509Jun 19, 2021Updated 4 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆671Aug 15, 2025Updated 6 months ago
- ☆1,665Apr 14, 2025Updated 10 months ago
- ☆1,117Jan 6, 2026Updated last month
- ☆14Sep 22, 2019Updated 6 years ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆502Dec 19, 2023Updated 2 years ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆534May 9, 2025Updated 9 months ago
- Payload Generation Framework☆1,956Aug 21, 2024Updated last year
- A BOF to determine Windows Defender exclusions.☆253Jun 25, 2023Updated 2 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆77Feb 8, 2023Updated 3 years ago