jconwell / secret_handshakeLinks
A prototype malware C2 channel using x509 certificates over mTLS
☆152Updated last year
Alternatives and similar repositories for secret_handshake
Users that are interested in secret_handshake are comparing it to the libraries listed below
Sorting:
- Living Off the Foreign Land setup scripts☆71Updated 8 months ago
- ☆120Updated 4 years ago
- ☆222Updated 2 years ago
- ☆119Updated last year
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆95Updated 2 years ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.☆122Updated 3 years ago
- PowerShell Obfuscation and Data Science☆178Updated 3 years ago
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares☆184Updated 2 years ago
- WNF Code Execution Library Using C#☆111Updated 5 years ago
- Some scripts to support with importing large datasets into BloodHound☆80Updated last year
- A tool to find folders excluded from AV real-time scanning using a time oracle☆234Updated last year
- C2 Automation using Linode☆85Updated 3 years ago
- Finding secrets in kernel and user memory☆115Updated 2 years ago
- A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions).☆93Updated 2 years ago
- The most average C2 ever (MACE)☆97Updated 3 years ago
- POC for frustrating/defeating Malware Analysts☆157Updated 3 years ago
- ☆132Updated 2 years ago
- Cortex XDR Config Extractor☆135Updated 2 years ago
- ☆141Updated last year
- Collection of random RedTeam scripts.☆207Updated last year
- Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.☆98Updated last year
- Koppeling x Metatwin x LazySign☆215Updated 4 years ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later☆93Updated 2 years ago
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆90Updated last year
- ☆85Updated 2 years ago
- Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"☆145Updated last year
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145Updated last year
- ☆119Updated 7 months ago
- Cross-platform post-exploitation HTTP Command & Control agent written in golang☆104Updated 6 months ago
- Decrypt GlobalProtect configuration and cookie files.☆151Updated last year