it-gorillaz / lnk2pwn
Malicious Shortcut(.lnk) Generator
☆192Updated 6 years ago
Alternatives and similar repositories for lnk2pwn:
Users that are interested in lnk2pwn are comparing it to the libraries listed below
- Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…☆206Updated 2 weeks ago
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆257Updated 2 years ago
- Malicious Shortcut(.lnk) Generator☆80Updated 6 years ago
- Tricks the target into enabling content (macros) with fake messages. Once enabled, uses macros to reduce the risk of suspision from targe…☆169Updated 3 weeks ago
- ☆196Updated last month
- ☆365Updated 3 years ago
- Inject remote template link into word document for remote template injection☆170Updated 4 years ago
- Shellcode launcher for AV bypass☆215Updated last year
- Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory☆386Updated last year
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆240Updated 3 years ago
- MS-FSRVP coercion abuse PoC☆287Updated 3 years ago
- More examples using the Impacket library designed for learning purposes.☆263Updated 2 years ago
- Collection of remote authentication triggers in C#☆478Updated 10 months ago
- Bypass AMSI by patching AmsiScanBuffer☆259Updated 3 years ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆324Updated last year
- Creating a repository with all public Beacon Object Files (BoFs)☆468Updated last year
- XLL Phishing Tradecraft☆412Updated 2 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆376Updated 2 years ago
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆398Updated 9 months ago
- Koppeling x Metatwin x LazySign☆209Updated 3 years ago
- Run Powershell without software restrictions.☆285Updated 3 years ago
- Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.☆360Updated last year
- Pass the Hash to a named pipe for token Impersonation☆299Updated last year
- Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.☆276Updated 5 months ago
- Medusa is a cross-platform C2 agent compatible with Python 2.7 and 3.8, compatible with Mythic☆174Updated last month
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind☆445Updated last year
- Python tool to Check running WebClient services on multiple targets based on @leechristensen☆270Updated 3 years ago
- A User Impersonation tool - via Token or Shellcode injection☆412Updated 2 years ago
- A BOF to automate common persistence tasks for red teamers☆271Updated 2 years ago
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆125Updated 3 years ago