mattifestation / WMI_Backdoor
A PoC WMI backdoor presented at Black Hat 2015
☆273Updated 9 years ago
Alternatives and similar repositories for WMI_Backdoor:
Users that are interested in WMI_Backdoor are comparing it to the libraries listed below
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.☆319Updated 7 years ago
- This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.☆381Updated 9 months ago
- Uses Invoke-Shellcode to execute a payload and persist on the system.☆113Updated 8 years ago
- ObfuscatedEmpire is a fork of Empire with Invoke-Obfuscation integrated directly into it's functionality.☆227Updated 7 years ago
- ☆164Updated 9 years ago
- Powershell VNC injector☆334Updated 4 years ago
- Powershell module to assist in attacking Exchange/Outlook Web Access☆180Updated 8 years ago
- Not PowerShell☆445Updated 8 years ago
- Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software…☆198Updated 7 years ago
- Netview enumerates systems using WinAPI calls☆293Updated 3 years ago
- ☆272Updated 2 years ago
- An NTLM relay tool to the EWS endpoint for on-premise exchange servers. Provides an OWA for hackers.☆303Updated 2 years ago
- CScriptShell, a Powershell Host running within cscript.exe☆160Updated 7 years ago
- PSAmsi is a tool for auditing and defeating AMSI signatures.☆389Updated 6 years ago
- ☆120Updated 9 years ago
- PowerShell Scripts focused on Post-Exploitation Capabilities☆317Updated 7 years ago
- Forward local or remote tcp ports through SMB pipes.☆295Updated 4 years ago
- Port of eternal blue exploits to powershell☆150Updated 7 years ago
- ☆229Updated 6 years ago
- Client/Server scripts to transfer files over DNS. Client scripts are small and only use native tools on the host OS.☆209Updated 9 years ago
- This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several dif…☆441Updated last year
- DNS-Persist is a post-exploitation agent which uses DNS for command and control.☆211Updated 7 years ago
- This project is just a dumping ground for random scripts I've developed.☆138Updated 7 months ago
- Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit from @breenmachine and @foxglovesec☆450Updated 8 years ago
- A library for integrating communication channels with the Cobalt Strike External C2 server☆283Updated 7 years ago
- The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification☆376Updated 5 years ago
- Cobalt Strike SCT payload obfuscator☆141Updated 7 years ago
- A WebDAV PROPFIND C2 tool☆119Updated 5 years ago
- A PowerShell example of the Windows zero day priv esc☆324Updated 6 years ago
- A Bring Your Own Land Toolkit that Doubles as a WMI Provider☆285Updated 6 years ago