martinsohn / Office-phish-templates
Tricks the target into enabling content (macros) with fake messages. Once enabled, uses macros to reduce the risk of suspision from target user via verious methods.
☆162Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for Office-phish-templates
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆258Updated 2 years ago
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus☆225Updated 2 years ago
- ☆175Updated this week
- Remotely enables Restricted Admin Mode☆205Updated 3 years ago
- Inject remote template link into word document for remote template injection☆160Updated 3 years ago
- Password attacks and MFA validation against various endpoints in Azure and Office 365☆149Updated last year
- ☆348Updated 3 years ago
- pyCobaltHound is an Aggressor script extension for Cobalt Strike which aims to provide a deep integration between Cobalt Strike and Blood…☆134Updated last year
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆120Updated 3 years ago
- Start new PowerShell without etw and amsi in pure nim☆158Updated 2 years ago
- ☆180Updated 5 years ago
- Koppeling x Metatwin x LazySign☆203Updated 3 years ago
- Roast in the Middle☆268Updated last year
- ☆202Updated 2 years ago
- Malicious Shortcut(.lnk) Generator☆171Updated 5 years ago
- A BOF to automate common persistence tasks for red teamers☆267Updated last year
- ☆95Updated 2 years ago
- Bypassing AppLocker with C#☆136Updated 3 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆292Updated 2 years ago
- Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory☆377Updated 7 months ago
- An on-the-fly Powershell script obfuscator meant for red team engagements. Built out of necessity.☆139Updated 3 years ago
- Extendable payload obfuscation and delivery framework☆141Updated 2 years ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆297Updated 8 months ago
- Identifies the bytes that Microsoft Defender flags on.☆75Updated 2 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆250Updated last year
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types☆368Updated last year
- A User Impersonation tool - via Token or Shellcode injection☆401Updated 2 years ago
- ☆179Updated last year
- Simple rapper for Mimikatz, bypass Defender☆139Updated 3 years ago
- Run Powershell without software restrictions.☆278Updated 3 years ago