An offensive toolkit for restless guests #DEFCON33
☆53Aug 11, 2025Updated 6 months ago
Alternatives and similar repositories for restless-guest
Users that are interested in restless-guest are comparing it to the libraries listed below
Sorting:
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- ☆48Dec 5, 2025Updated 3 months ago
- OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…☆13Oct 27, 2024Updated last year
- Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…☆37Feb 6, 2026Updated last month
- Beacon Object File (BOF) for identifying dependent child services of a given parent.☆19Jun 20, 2025Updated 8 months ago
- ☆14Sep 26, 2023Updated 2 years ago
- Token impersonation in PowerShell to execute under the context of another user.☆24Oct 14, 2025Updated 4 months ago
- .NET port of Leron Gray's azbelt tool.☆26Sep 21, 2023Updated 2 years ago
- ☆31Aug 13, 2025Updated 6 months ago
- Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure☆15Jan 23, 2025Updated last year
- Execute shellcode via ASPNET compiler☆62Oct 2, 2025Updated 5 months ago
- Groovy Post Exploitation☆20Oct 21, 2024Updated last year
- A prototype for implementing Azure Service Principal Impersonation using Azure Functions and Key Vault. This project demonstrates an appr…☆17Feb 26, 2025Updated last year
- Early cascade injection PoC based on Outflanks blog post written in Rust☆68Dec 26, 2025Updated 2 months ago
- PowerShell module to help getting tokens using managed identities☆17Dec 29, 2024Updated last year
- Location of some Active Directory lab scripts I have created and find useful☆113Feb 2, 2026Updated last month
- A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN☆105Jan 26, 2026Updated last month
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated 11 months ago
- An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations☆61Aug 18, 2025Updated 6 months ago
- A comprehensive list of usable Entra ID first-party clients with pre-consented Microsoft Graph scopes, in a simple YAML-file explorable w…☆148Nov 16, 2025Updated 3 months ago
- ☆46Apr 2, 2022Updated 3 years ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆21Apr 2, 2025Updated 11 months ago
- Research into Undocumented Behavior of Azure AD Refresh Tokens☆13Oct 27, 2023Updated 2 years ago
- ☆33Jan 23, 2025Updated last year
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …☆382Jan 23, 2025Updated last year
- ☆15May 30, 2025Updated 9 months ago
- Ludus range for the Constructing Defense Lab☆106Feb 23, 2026Updated last week
- A C project that generates usernames based on input lists and format you decide yourself☆11Jan 23, 2025Updated last year
- ☆11Nov 18, 2025Updated 3 months ago
- Automated script for obfuscating, rebranding and renaming the Havoc C2 Framework to evade AV/EDR and C2 hunters.☆46Aug 13, 2025Updated 6 months ago
- ☆26Apr 1, 2022Updated 3 years ago
- Payload Generation Workflow☆40Jul 18, 2025Updated 7 months ago
- ☆53Sep 23, 2025Updated 5 months ago
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 7 months ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆101Jan 10, 2026Updated last month
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- Addon for BHCE☆58Apr 1, 2025Updated 11 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- ☆88Jul 28, 2022Updated 3 years ago