Red Team Operator: Malware Development Essentials Course
☆100Jun 18, 2020Updated 5 years ago
Alternatives and similar repositories for RTO-Implant
Users that are interested in RTO-Implant are comparing it to the libraries listed below
Sorting:
- Cobalt Strike DNS beacon parser☆11Nov 29, 2021Updated 4 years ago
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon☆10Nov 19, 2020Updated 5 years ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- ☆360Apr 24, 2021Updated 4 years ago
- WORK IN PROGRESS. RAT written in C++ using Win32 API☆19Sep 12, 2019Updated 6 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆232Jun 10, 2022Updated 3 years ago
- A Tool for cross-platform System Enumeration☆12Mar 20, 2017Updated 8 years ago
- Ransoblin (Ransomware Bokoblin)☆18Oct 4, 2020Updated 5 years ago
- Apply a filter to the events being reported by windows event logging☆15Sep 10, 2020Updated 5 years ago
- Service Enumeration C# .NET Assembly☆58Sep 14, 2021Updated 4 years ago
- Automate AV evasion by calling AMSI☆88May 31, 2023Updated 2 years ago
- This repository is a collection of my malicious VBA projects.☆119Feb 13, 2021Updated 5 years ago
- ☆20Nov 1, 2022Updated 3 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆219Mar 5, 2020Updated 5 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆382Mar 8, 2023Updated 2 years ago
- ☆127Jun 19, 2020Updated 5 years ago
- The code is a pingback to the Dark Vortex blog:☆186Jan 26, 2023Updated 3 years ago
- Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been se…☆170Aug 10, 2020Updated 5 years ago
- Create a minidump of the LSASS process from memory☆261Nov 2, 2022Updated 3 years ago
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly☆15Jul 15, 2021Updated 4 years ago
- Evasive Process Hollowing Techniques☆142Aug 16, 2020Updated 5 years ago
- C# Script used for Red Team☆723Nov 16, 2021Updated 4 years ago
- Miscellaneous Tools☆269Oct 29, 2020Updated 5 years ago
- Collection of walk through, hints, notes, code snippets, tools logs and resources for vulnerable CTF-style boxes☆12Dec 3, 2025Updated 3 months ago
- Dump mapped PE files from memory to the disk☆20Jun 28, 2019Updated 6 years ago
- Visual Studio (C++) Solution Template for Payloads☆18Oct 30, 2019Updated 6 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- Petaq - Purple Team Command & Control Server☆105Dec 8, 2022Updated 3 years ago
- ☆53Nov 11, 2021Updated 4 years ago
- Collection of beacon BOF written to learn windows and cobaltstrike☆362Feb 24, 2023Updated 3 years ago
- ☆113Aug 5, 2020Updated 5 years ago
- Tool that automates Active Directory enumeration☆88Apr 24, 2021Updated 4 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆79Feb 27, 2020Updated 6 years ago
- Tool for interacting with outlook interop during red team engagements☆146Jun 29, 2021Updated 4 years ago
- Recon-AD, an AD recon tool based on ADSI and reflective DLL’s☆331Oct 20, 2019Updated 6 years ago
- Everything related to Cobalt Strike☆15Feb 3, 2020Updated 6 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆121Jun 24, 2020Updated 5 years ago