WMI Event Subscription Persistence in C#
☆112May 29, 2019Updated 6 years ago
Alternatives and similar repositories for WMIPersistence
Users that are interested in WMIPersistence are comparing it to the libraries listed below
Sorting:
- SharpTask is a simple code set to interact with the Task Scheduler service api and is compatible with Cobalt Strike.☆93Feb 15, 2021Updated 5 years ago
- ☆54Apr 27, 2019Updated 6 years ago
- Port of Invoke-Excel4DCOM☆104Oct 12, 2019Updated 6 years ago
- External C2 Using IE COM Objects☆101Feb 24, 2019Updated 7 years ago
- ObscurityLabs RedTeam C# Toolkit☆123Sep 3, 2019Updated 6 years ago
- RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.☆330Jul 7, 2023Updated 2 years ago
- Using "svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc" as trigger☆58Oct 7, 2020Updated 5 years ago
- ☆208May 1, 2020Updated 5 years ago
- (Small change to make it easier to test the payload and combine it with SILENTTRINITY.)A tool for generating .NET serialized gadgets that…☆43Mar 2, 2020Updated 5 years ago
- lateral movement techniques that can be used during red team exercises☆273Jan 13, 2020Updated 6 years ago
- C# DCOM Execution☆17Aug 4, 2019Updated 6 years ago
- Elite is the client-side component of the Covenant project. Covenant is a .NET command and control framework that aims to highlight the a…☆124Jul 7, 2023Updated 2 years ago
- ☆14Sep 22, 2019Updated 6 years ago
- Privesc through import of Sheduled tasks + Hardlinks - CVE-2019-1069☆37Jun 26, 2019Updated 6 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post☆129May 25, 2021Updated 4 years ago
- Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)☆197Feb 1, 2021Updated 5 years ago
- Tool to create hidden registry keys.☆491Oct 23, 2019Updated 6 years ago
- Process Injection☆766Oct 24, 2021Updated 4 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆218Mar 5, 2020Updated 5 years ago
- Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI☆31Feb 22, 2020Updated 6 years ago
- dem sharp donuts☆202Sep 11, 2022Updated 3 years ago
- Create a minidump of the LSASS process from memory☆261Nov 2, 2022Updated 3 years ago
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆14Dec 30, 2018Updated 7 years ago
- A C# implementation of PrivExchange by @_dirkjan.☆155Mar 15, 2019Updated 6 years ago
- SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approa…☆290Aug 7, 2020Updated 5 years ago
- SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.☆110Jan 20, 2021Updated 5 years ago
- CobaltStrike External C2 for Websockets☆197Jul 16, 2019Updated 6 years ago
- A C# tool for enumerating remote access policies through group policy.☆73Apr 18, 2019Updated 6 years ago
- SharpClipHistory is a .NET application written in C# that can be used to read the contents of a user's clipboard history in Windows 10 st…☆200Jan 23, 2020Updated 6 years ago
- Hide .Net assembly into png images☆36Aug 11, 2019Updated 6 years ago
- Recon-AD, an AD recon tool based on ADSI and reflective DLL’s☆331Oct 20, 2019Updated 6 years ago
- ☆281Dec 30, 2020Updated 5 years ago
- Credential Dumper☆79Feb 19, 2020Updated 6 years ago
- ☆28Dec 28, 2017Updated 8 years ago
- PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)☆328Mar 26, 2019Updated 6 years ago
- Miscellaneous C-Sharp projects for red team activities☆24Aug 12, 2022Updated 3 years ago
- Aggregation of Cobalt Strike's aggressor scripts.☆142Mar 31, 2018Updated 7 years ago
- Collection of C# scripts☆341Feb 8, 2017Updated 9 years ago
- Implementation of the .NET Profiler DLL hijack in C#☆98Dec 14, 2018Updated 7 years ago