A tool to exchange decryption keys for command and control (C2) beacons and implants through DNS records.
☆40Jan 7, 2023Updated 3 years ago
Alternatives and similar repositories for DNSKeyGen
Users that are interested in DNSKeyGen are comparing it to the libraries listed below
Sorting:
- ☆48Feb 11, 2023Updated 3 years ago
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- Python module for running BOFs☆80Nov 28, 2025Updated 3 months ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆35Mar 28, 2023Updated 2 years ago
- Serverless Redirector in various cloud vendor for red team☆73Dec 8, 2022Updated 3 years ago
- Golang reverse proxy with CobaltStrike malleable profile validation.☆109Jan 19, 2023Updated 3 years ago
- Collection of CobaltStrike beacon object files☆105Feb 14, 2022Updated 4 years ago
- Purple Team Dropper generator using open source templates.☆17May 23, 2024Updated last year
- ☆32Sep 23, 2022Updated 3 years ago
- ☆24Apr 28, 2024Updated last year
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).☆155Jan 21, 2023Updated 3 years ago
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 3 years ago
- AAD related enumeration in Nim☆131Sep 7, 2023Updated 2 years ago
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆256Jul 7, 2022Updated 3 years ago
- just manipulatin these here tokens yes sir nothing weird☆22Apr 18, 2022Updated 3 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆335Jul 20, 2024Updated last year
- Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for pen…☆13May 11, 2023Updated 2 years ago
- ☆65Jan 17, 2026Updated 2 months ago
- A RunAs clone with the ability to specify the password as an argument.☆112Jul 2, 2023Updated 2 years ago
- Research into COM☆19Jan 25, 2020Updated 6 years ago
- SamrSearch can get user info and group info with MS-SAMR.☆15Feb 15, 2022Updated 4 years ago
- Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…☆237Sep 3, 2023Updated 2 years ago
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆92Oct 10, 2022Updated 3 years ago
- Small PoC of using a Microsoft signed executable as a lolbin.☆141Feb 27, 2023Updated 3 years ago
- C# Port of LdapRelayScan☆91Nov 26, 2025Updated 3 months ago
- Remote code execution in Power Platform connectors via JSON deserialization☆23Mar 30, 2023Updated 2 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆327Jan 31, 2023Updated 3 years ago
- Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for…☆502May 16, 2023Updated 2 years ago
- Quick python script to replace the NtAPI functions within SysWhispers' assembly and header files with random strings☆28May 30, 2022Updated 3 years ago
- ☆68Dec 9, 2022Updated 3 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆242Jan 4, 2023Updated 3 years ago
- A tool to find folders excluded from AV real-time scanning using a time oracle☆233Feb 13, 2024Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Apr 4, 2023Updated 2 years ago
- ☆23Mar 9, 2022Updated 4 years ago
- A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions).☆90Nov 23, 2022Updated 3 years ago
- RuCTF 2022. Developed with ♥ by Hackerdom team☆11May 22, 2022Updated 3 years ago