kluo84 / CS-notes
☆58Updated this week
Related projects: ⓘ
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆90Updated 2 years ago
- ☆71Updated this week
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago
- A module for CME that spiders across a domain.☆35Updated 2 years ago
- ☆41Updated 2 years ago
- Tradecraft Development Fundamentals☆40Updated 3 years ago
- Bypass AMSI via PowerShell by splitting a file into multiple chunks☆49Updated 3 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆86Updated 2 years ago
- Cobalt Strike profile generator using Jenkins to automate the heavy lifting☆33Updated last year
- Automating payload generation for OSEP labs and exam.☆34Updated 2 years ago
- .NET project for installing Persistence☆64Updated 2 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆84Updated last year
- ☆53Updated 5 months ago
- Convert Cobalt Strike profiles to IIS web.config files☆109Updated 3 years ago
- Checks for signature requirements over LDAP☆92Updated last year
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆50Updated 4 years ago
- ☆87Updated 2 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆114Updated last year
- ☆56Updated 3 years ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆74Updated 10 months ago
- IOXIDResolver from AirBus Security/PingCastle☆45Updated 3 years ago
- ☆69Updated 10 months ago
- Add SD for controlled computer object to a target object for RBCD using LDAP☆38Updated 2 years ago
- A BOF port of the research of @thefLinkk and @codewhitesec☆94Updated 2 years ago
- Slide decks and/or materials from conference presentations☆55Updated last year
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆94Updated 3 years ago
- Get Fine Grained Password Policy☆62Updated 4 months ago
- UI for creating LNKs☆97Updated 3 years ago