jconwell / secret_handshakeLinks
A prototype malware C2 channel using x509 certificates over mTLS
☆152Updated last year
Alternatives and similar repositories for secret_handshake
Users that are interested in secret_handshake are comparing it to the libraries listed below
Sorting:
- A tool to find folders excluded from AV real-time scanning using a time oracle☆234Updated last year
- Living Off the Foreign Land setup scripts☆70Updated 7 months ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.☆122Updated 3 years ago
- ☆120Updated 4 years ago
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares☆181Updated 2 years ago
- ☆121Updated last year
- Koppeling x Metatwin x LazySign☆215Updated 4 years ago
- ☆134Updated 2 years ago
- WNF Code Execution Library Using C#☆111Updated 5 years ago
- Collection of random RedTeam scripts.☆208Updated last year
- ☆222Updated last year
- Async Python library to parse local and remote disk images.☆79Updated 2 months ago
- Cross-platform post-exploitation HTTP Command & Control agent written in golang☆102Updated 5 months ago
- Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.☆98Updated last year
- A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions).☆93Updated 2 years ago
- ☆209Updated 5 months ago
- C2 Automation using Linode☆85Updated 3 years ago
- ☆209Updated 3 years ago
- Malware As A Service☆135Updated last year
- ☆160Updated 3 months ago
- Cortex XDR Config Extractor☆134Updated 2 years ago
- PowerShell Obfuscation and Data Science☆177Updated 3 years ago
- ☆212Updated 3 months ago
- ☆140Updated last year
- POC for frustrating/defeating Malware Analysts☆156Updated 3 years ago
- Some scripts to support with importing large datasets into BloodHound☆79Updated last year
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆90Updated last year
- Decrypt GlobalProtect configuration and cookie files.☆150Updated last year
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆95Updated 2 years ago
- ☆123Updated 2 years ago