magisterquis / alpt4ats

Related projects ⓘ

Alternatives and complementary repositories for alpt4ats

• timwhitez / JmpUnhook
  Ntdll Unhooking POC
  ☆19Updated 2 years ago
• mobdk / WinSpoof
  Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code
  ☆21Updated last year
• thalpius / Microsoft-Defender-for-Identity-Encrypted-Password
  ☆35Updated 5 months ago
• 0x3rhy / GetClipboard
  Cobalt Strike Get clipboard plugin
  ☆12Updated last year
• EvanMcBroom / fuse-loader
  Load a dynamic library from memory using a fuse mount
  ☆28Updated last year
• jsecu / ElevatedEvents
  ☆29Updated 2 years ago
• VoldeSec / BOF-NPPSPY
  Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…
  ☆15Updated last year
• mdsecactivebreach / SharpAltiris
  ☆24Updated 2 years ago
• codewhitesec / daphne
  Proof-of-Concept to evade auditd by tampering via ptrace
  ☆15Updated last year
• johneiser / MalleableC2Parser
  A library to parse, modify, and implement Malleable C2 profiles
  ☆21Updated 5 years ago
• Allevon412 / BreadBear
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆30Updated 8 months ago
• grayhatkiller / SharpExShell
  SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.
  ☆15Updated 6 months ago
• okppp990 / phishlets
  ☆9Updated last year
• SolomonSklash / netntlm
  A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP
  ☆33Updated 3 years ago
• moloch-- / DarkLoadLibrary
  LoadLibrary for offensive operations
  ☆32Updated 2 years ago
• EncodeGroup / SharpDirLister
  .NET 4.0 Fast Directory / File Lister
  ☆26Updated 4 years ago
• 17ms / airborne
  Shellcode reflective DLL injection in Rust
  ☆19Updated 8 months ago
• xenoscr / compressedCredBandit
  A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.
  ☆18Updated 3 years ago
• EspressoCake / Needle_Sift_BOF
  Strstr with user-supplied needle and filename as a BOF.
  ☆30Updated 3 years ago
• zimawhit3 / DynimicGhostWriting
  Windows x64 Process Injection via Ghostwriting with Dynamic Configuration
  ☆27Updated 3 years ago
• Adepts-Of-0xCC / SnoopyOwl
  ☆45Updated 3 years ago
• ChaitanyaHaritash / NIM-Scripts
  ☆18Updated 3 years ago
• slemire / bof-adopt
  BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆14Updated 2 years ago
• thiagomayllart / DarkMelkor
  Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.
  ☆27Updated 3 years ago
• CUHKJason / BOF-klist
  A simple BOF implementation of klist using Windows API
  ☆30Updated 2 years ago
• sk3w / beacon-object-files
  Miscellaneous examples for use with Cobalt Strike Beacon
  ☆10Updated 3 years ago
• jonas-koeritz / amsi
  Golang wrapper for the Microsoft Antimalware Scan Interface (AMSI)
  ☆11Updated 2 years ago
• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆58Updated 3 years ago
• Allevon412 / BreadManModuleStomping
  ☆38Updated last year