A prototype malware C2 channel using x509 certificates over mTLS
☆152Mar 15, 2024Updated 2 years ago
Alternatives and similar repositories for secret_handshake
Users that are interested in secret_handshake are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Infect Shared Files In Memory for Lateral Movement☆192Dec 14, 2022Updated 3 years ago
- ☆246Dec 16, 2022Updated 3 years ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆54Apr 10, 2022Updated 4 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated last year
- Venom is a library that meant to perform evasive communication using stolen browser socket☆397Sep 26, 2023Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- ☆90Jun 2, 2024Updated last year
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- ☆164Dec 30, 2022Updated 3 years ago
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting☆363Dec 19, 2022Updated 3 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆327Jan 31, 2023Updated 3 years ago
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆115Nov 19, 2022Updated 3 years ago
- COFF file (BOF) for managing Kerberos tickets.☆322Jul 2, 2023Updated 2 years ago
- Click Once + App Domain☆67Feb 23, 2026Updated last month
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Specialized tool to dump Position Independent Code.☆22Aug 4, 2020Updated 5 years ago
- A tool to find folders excluded from AV real-time scanning using a time oracle☆233Feb 13, 2024Updated 2 years ago
- You shall pass☆270Jul 16, 2022Updated 3 years ago
- Aggressor script that gets the latest commands from CobaltStrikes web site and creates an aggressor script based on tool options.☆22Oct 6, 2021Updated 4 years ago
- ☆153Jan 6, 2023Updated 3 years ago
- Roast in the Middle☆294Sep 19, 2025Updated 6 months ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆89Jun 24, 2022Updated 3 years ago
- Golang reverse proxy with CobaltStrike malleable profile validation.☆110Jan 19, 2023Updated 3 years ago
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Identify and exploit leaked handles for local privilege escalation.☆110Jun 19, 2023Updated 2 years ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆243Jan 4, 2023Updated 3 years ago
- WIP shellcode loader in nim with EDR evasion techniques☆219Mar 30, 2022Updated 4 years ago
- Serverless Redirector in various cloud vendor for red team☆73Dec 8, 2022Updated 3 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆306Aug 2, 2023Updated 2 years ago
- Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).☆185Feb 12, 2023Updated 3 years ago
- Overwrite a process's recovery callback and execute with WER☆101Apr 17, 2022Updated 3 years ago
- ☆121Dec 23, 2022Updated 3 years ago
- ☆155Oct 2, 2023Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆131Jan 14, 2023Updated 3 years ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆90Nov 5, 2021Updated 4 years ago
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!☆250Jul 9, 2024Updated last year
- Various ways to execute shellcode☆510Mar 13, 2024Updated 2 years ago
- miscellaneous scripts and programs☆278Jan 23, 2025Updated last year