mertdas / RedPersist
β214Updated last year
Alternatives and similar repositories for RedPersist:
Users that are interested in RedPersist are comparing it to the libraries listed below
- A Tool that aims to evade av with binary paddingβ147Updated 9 months ago
- β223Updated 10 months ago
- π Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.β158Updated last year
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.β239Updated 9 months ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilegeβ201Updated last year
- Terminate AV/EDR Processes using kernel driverβ338Updated last year
- Fileless atexec, no more need for port 445β363Updated last year
- Execute shellcode files with rundll32β197Updated last year
- An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are aβ¦β129Updated 2 years ago
- β163Updated last year
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.β217Updated last year
- Use ESC1 to perform a makeshift DCSync and dump hashesβ203Updated last year
- Escalate Service Account To LocalSystem via Kerberosβ395Updated last year
- Leverage WindowsApp createdump tool to obtain an lsass dumpβ147Updated 6 months ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactionsβ291Updated 4 months ago
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPEβ204Updated last year
- Terminate AV/EDR leveraging BYOVD attackβ83Updated last week
- Execute shellcode from a remote-hosted bin file using Winhttp.β232Updated last year
- TeamServer and Client of Exploration Command and Control Frameworkβ120Updated 2 weeks ago
- Python script for automating the creation of serverless cloud redirectors from Cobalt Strike malleable C2 profilesβ196Updated 9 months ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijackingβ227Updated last year
- Dumping LSASS with a duplicated handle from custom LSA pluginβ200Updated 3 years ago
- Evasive Golang Loaderβ130Updated 8 months ago
- β326Updated last month
- Attempt at Obfuscated version of SharpCollectionβ206Updated this week
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the cloneβ¦β192Updated 5 months ago
- Dumping lsass without mimikatz with the exfiltration of the data using FAKE ntp packetsβ83Updated this week
- β228Updated 4 months ago
- Weaponized HellsGate/SigFlipβ198Updated last year
- Set of python scripts which perform different ways of command execution via WMI protocol.β159Updated last year