jconwell / secret_handshake
A prototype malware C2 channel using x509 certificates over mTLS
☆138 · Updated 6 months ago
Related projects:
- A comprehensive workshop aimed to equip participants with an in-depth understanding of modern Command and Control (C2) concepts, focusing… ☆97 · Updated last year
- A tool to find folders excluded from AV real-time scanning using a time oracle ☆230 · Updated 7 months ago
- The most average C2 ever (MACE) ☆95 · Updated 2 years ago
- A suite of tools to disrupt campaigns using the Sliver C2 framework. ☆245 · Updated last year
- C2 Automation using Linode ☆78 · Updated last year
- These are different types of download cradles, which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR … ☆256 · Updated 2 years ago
- Some scripts to support with importing large datasets into BloodHound ☆75 · Updated 9 months ago
- Red Team "Drop and Run" NAC (802.1x) Bypass ☆66 · Updated last year
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares ☆152 · Updated last year
- Identifies the bytes that Microsoft Defender flags on. ☆75 · Updated 2 years ago
- Python utility that generates "imageless" QR codes in various formats ☆88 · Updated last month
- MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. ☆167 · Updated last month
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin ☆164 · Updated last year
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination… ☆136 · Updated last month
- Infect Shared Files In Memory for Lateral Movement ☆191 · Updated last year
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities. ☆64 · Updated 3 weeks ago
- A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions). ☆94 · Updated last year
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances. ☆239 · Updated last year
- Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr… ☆214 · Updated last year
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! ☆316 · Updated 2 months ago