A library to parse, modify, and implement Malleable C2 profiles
☆27Feb 9, 2019Updated 7 years ago
Alternatives and similar repositories for MalleableC2Parser
Users that are interested in MalleableC2Parser are comparing it to the libraries listed below
Sorting:
- Reports on Driver, LSASS and other security services mitigations☆34Aug 18, 2025Updated 6 months ago
- A collection of sample code used in some experiments with Sliver C2☆16Mar 28, 2023Updated 2 years ago
- ☆14Oct 25, 2019Updated 6 years ago
- ☆14Sep 22, 2019Updated 6 years ago
- Find jmp gadgets for call stack spoofing.☆75Oct 1, 2025Updated 5 months ago
- My musings with C#☆28Dec 23, 2022Updated 3 years ago
- C# DCOM Execution☆17Aug 4, 2019Updated 6 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆41Jul 9, 2023Updated 2 years ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆172Sep 3, 2025Updated 6 months ago
- ☆35Nov 4, 2017Updated 8 years ago
- Specialized tool to dump Position Independent Code.☆22Aug 4, 2020Updated 5 years ago
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 7 months ago
- ☆121Jun 17, 2022Updated 3 years ago
- A script that can be deployed to Azure App for C2 / Proxy / Redirector☆41May 17, 2019Updated 6 years ago
- Classic DLL injection. Download dll from url and inject. Simple C++ implementation☆10Apr 16, 2022Updated 3 years ago
- DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64)☆28Mar 11, 2020Updated 5 years ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools.☆66Oct 3, 2020Updated 5 years ago
- Execute Shellcode And Other Goodies From MMC☆14Jun 17, 2015Updated 10 years ago
- Former UEFI Firmware Rootkit Replicating MoonBounce / ESPECTRE☆11Jun 14, 2022Updated 3 years ago
- A fast python tool for creating permutations of alphanumerics☆11Mar 22, 2020Updated 5 years ago
- The offical exploit for Pandora v7.0NG Post-auth Remote Code Execution CVE-2019-20224☆14Jan 10, 2020Updated 6 years ago
- Inject Frida-Gadget into a local process☆26Jul 5, 2019Updated 6 years ago
- Obtains a crackable hash for the current user account☆23Feb 3, 2019Updated 7 years ago
- CVE-2020-3452 exploit☆24Aug 1, 2020Updated 5 years ago
- Fast service fingerprinting CLI for 120+ protocols (TCP/UDP/SCTP) - built by Praetorian☆100Updated this week
- Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.☆47Jun 5, 2017Updated 8 years ago
- Cross-platform proxy selection with optional native authentication negotiation☆53Feb 25, 2023Updated 3 years ago
- Aggressor Script to Execute Assemblies from Github☆71Nov 30, 2020Updated 5 years ago
- ☆11Aug 2, 2017Updated 8 years ago
- ps-like .NET Assembly for enumerating processes on the current machine or a remote machine.☆13Aug 12, 2019Updated 6 years ago
- Red Team Coin for crypto-mining operations.☆23Updated this week
- Proof-of-concept code for understanding the allow-jit entitlement on macOS☆30Feb 19, 2026Updated 2 weeks ago
- Exfiltrate blind remote code execution output over DNS via Burp Collaborator.☆12Apr 26, 2020Updated 5 years ago
- Various C# projects for offensive security☆111Nov 14, 2019Updated 6 years ago
- Port of Invoke-Excel4DCOM☆104Oct 12, 2019Updated 6 years ago
- Win32 keylogger that supports all (non-ime using) languages correctly☆53Dec 21, 2023Updated 2 years ago
- An In-memory Embedding of CPython☆31May 24, 2021Updated 4 years ago