mattifestation / WMI_Backdoor
A PoC WMI backdoor presented at Black Hat 2015
☆273Updated 9 years ago
Alternatives and similar repositories for WMI_Backdoor:
Users that are interested in WMI_Backdoor are comparing it to the libraries listed below
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.☆319Updated 7 years ago
- Powershell module to assist in attacking Exchange/Outlook Web Access☆180Updated 8 years ago
- Netview enumerates systems using WinAPI calls☆293Updated 3 years ago
- This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.☆381Updated 8 months ago
- ☆272Updated 2 years ago
- ObfuscatedEmpire is a fork of Empire with Invoke-Obfuscation integrated directly into it's functionality.☆227Updated 7 years ago
- Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software…☆198Updated 7 years ago
- PowerShell Empire Web Interface☆329Updated last year
- Not PowerShell☆445Updated 8 years ago
- Uses Invoke-Shellcode to execute a payload and persist on the system.☆113Updated 8 years ago
- Port of eternal blue exploits to powershell☆150Updated 7 years ago
- Fileless web browser information extraction☆218Updated 6 years ago
- A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.☆169Updated 3 weeks ago
- ☆164Updated 9 years ago
- SprayWMI is an easy way to get mass shells on systems that support WMI. Much more effective than PSEXEC as it does not leave remnants on …☆253Updated 9 years ago
- An NTLM relay tool to the EWS endpoint for on-premise exchange servers. Provides an OWA for hackers.☆303Updated 2 years ago
- A script to test an RDP host for sticky keys and utilman backdoor.☆257Updated 8 years ago
- Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool☆161Updated last year
- Cobalt Strike SCT payload obfuscator☆141Updated 7 years ago
- PowerShell Scripts focused on Post-Exploitation Capabilities☆316Updated 7 years ago
- A WebDAV PROPFIND C2 tool☆119Updated 5 years ago
- PowerShell oneliner to retrieve wdigest passwords from the memory☆219Updated 7 years ago
- Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit from @breenmachine and @foxglovesec☆451Updated 8 years ago
- Forward local or remote tcp ports through SMB pipes.☆294Updated 4 years ago
- Inject PowerShell into any process☆225Updated 6 years ago
- A library for integrating communication channels with the Cobalt Strike External C2 server☆282Updated 7 years ago
- PowerDNS: Powershell DNS Delivery☆211Updated 6 years ago
- Powershell VNC injector☆334Updated 4 years ago
- Client/Server scripts to transfer files over DNS. Client scripts are small and only use native tools on the host OS.☆209Updated 9 years ago
- DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any m…☆295Updated 7 years ago