Malicious Shortcut(.lnk) Generator
☆202Nov 23, 2018Updated 7 years ago
Alternatives and similar repositories for lnk2pwn
Users that are interested in lnk2pwn are comparing it to the libraries listed below
Sorting:
- Malicious Shortcut(.lnk) Generator☆87Nov 23, 2018Updated 7 years ago
- ☆716Mar 22, 2024Updated last year
- malleable profile generator GUI for Havoc☆55Apr 28, 2023Updated 2 years ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆1,100Jun 10, 2024Updated last year
- Generates malicious LNK file payloads for data exfiltration☆445Aug 21, 2017Updated 8 years ago
- A light-weight first-stage C2 implant written in Nim (and Rust).☆933Mar 2, 2026Updated last week
- Performing Indirect Clean Syscalls☆604Apr 19, 2023Updated 2 years ago
- Dumping DPAPI credz remotely☆1,329Mar 24, 2025Updated 11 months ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆1,470Aug 18, 2023Updated 2 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,369Oct 27, 2023Updated 2 years ago
- DPAPI looting remotely and locally in Python☆542Oct 7, 2025Updated 5 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆779Jan 26, 2026Updated last month
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind☆482Jul 12, 2023Updated 2 years ago
- Creates a .lnk file with unicode chars that reverse the file extension and adds a .txt to the end to make it appear as a textfile. Paylo…☆114Dec 19, 2020Updated 5 years ago
- This repo contains some Amsi Bypass methods i found on different Blog Posts.☆2,130Nov 28, 2024Updated last year
- ☆1,531Aug 11, 2023Updated 2 years ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 10 months ago
- Havoc C2 profile generator☆103Jul 15, 2025Updated 7 months ago
- AV/EDR evasion via direct system calls.☆1,795Sep 3, 2022Updated 3 years ago
- DLL sideloading/proxying with Nim!☆173Dec 4, 2022Updated 3 years ago
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,371Oct 22, 2025Updated 4 months ago
- Beacon Object File Loader☆293Dec 3, 2023Updated 2 years ago
- Syscall Shellcode Loader (Work in Progress)☆1,258May 8, 2024Updated last year
- Your template-based BloodHound terminal companion tool☆446Jan 21, 2026Updated last month
- HVNC for Cobalt Strike☆1,301Dec 7, 2023Updated 2 years ago
- PowerShell rebuilt in C# for Red Teaming purposes☆1,050Feb 27, 2026Updated last week
- A C2 post-exploitation framework☆484Jan 24, 2024Updated 2 years ago
- A tool to kill antimalware protected processes☆1,507Jun 19, 2021Updated 4 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆677Aug 15, 2025Updated 6 months ago
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆261Nov 22, 2025Updated 3 months ago
- A tool to query for the existence of pre-windows 2000 computer objects.☆371Dec 23, 2025Updated 2 months ago
- ☆1,674Apr 14, 2025Updated 10 months ago
- Remote operations commands implemented using Beacon Object Files☆1,120Feb 23, 2026Updated 2 weeks ago
- ☆14Sep 22, 2019Updated 6 years ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆539May 9, 2025Updated 10 months ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆505Dec 19, 2023Updated 2 years ago
- Payload Generation Framework☆1,971Aug 21, 2024Updated last year
- A BOF to determine Windows Defender exclusions.☆253Jun 25, 2023Updated 2 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago