knight0x07 / Lnk2Vbs
A Python script that embeds Target VBS into LNK and when executed runs the VBS script from within.
☆31Updated last year
Related projects: ⓘ
- Working repo used to experiment with various languages as it relates to offensive security & evasion.☆28Updated 3 months ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆79Updated last year
- Beacon Object File implementation of Yaxser's Backstab☆13Updated 2 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago
- A python port of CCob's ThreadlessInject☆26Updated last year
- Extension functionality for the NightHawk operator client☆26Updated 10 months ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆29Updated 2 years ago
- My implementation of Halo's Gate technique in C#☆51Updated 2 years ago
- Extracting Clear Text Passwords from mstsc.exe using API Hooking.☆16Updated 4 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆37Updated 2 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆53Updated 2 years ago
- C# project to Reflectively load .Net assemblies in memory☆15Updated 3 months ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆21Updated 2 years ago
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10☆37Updated last year
- DLL Exports Extraction BOF with optional NTFS transactions.☆76Updated 2 years ago
- Sleep Obfuscation☆39Updated last year
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆43Updated 2 years ago
- Small POC for process ghosting☆39Updated 2 years ago
- ☆53Updated this week
- ☆50Updated this week
- Bunch of BOF files☆21Updated 7 months ago
- A collection of random small Aggressor snippets that don't warrant their own repo☆22Updated last year
- Items related to the RedELK workshop given at security conferences☆25Updated 11 months ago
- ☆24Updated this week
- RDLL for Cobalt Strike beacon to silence sysmon process☆85Updated 2 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆22Updated 2 years ago
- AMSI Bypass for powershell☆29Updated 2 years ago
- ☆57Updated 9 months ago
- ☆39Updated this week
- API Hammering with C++20☆34Updated 2 years ago