A tool to exchange decryption keys for command and control (C2) beacons and implants through DNS records.
☆40Jan 7, 2023Updated 3 years ago
Alternatives and similar repositories for DNSKeyGen
Users that are interested in DNSKeyGen are comparing it to the libraries listed below
Sorting:
- ☆47Feb 11, 2023Updated 3 years ago
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- ☆31Sep 23, 2022Updated 3 years ago
- Serverless Redirector in various cloud vendor for red team☆73Dec 8, 2022Updated 3 years ago
- Python module for running BOFs☆79Nov 28, 2025Updated 3 months ago
- just manipulatin these here tokens yes sir nothing weird☆22Apr 18, 2022Updated 3 years ago
- ☆23Apr 28, 2024Updated last year
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 2 years ago
- Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for pen…☆13May 11, 2023Updated 2 years ago
- SamrSearch can get user info and group info with MS-SAMR.☆15Feb 15, 2022Updated 4 years ago
- Collection of CobaltStrike beacon object files☆105Feb 14, 2022Updated 4 years ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆52Jul 15, 2023Updated 2 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆35Mar 28, 2023Updated 2 years ago
- A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions).☆90Nov 23, 2022Updated 3 years ago
- Small PoC of using a Microsoft signed executable as a lolbin.☆141Feb 27, 2023Updated 3 years ago
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆256Jul 7, 2022Updated 3 years ago
- A tool to find folders excluded from AV real-time scanning using a time oracle☆233Feb 13, 2024Updated 2 years ago
- ☆64Jan 17, 2026Updated last month
- SoulExtraction is a windows driver library for extracting cert information in windows drivers☆25Feb 12, 2023Updated 3 years ago
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆91Oct 10, 2022Updated 3 years ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆13Jan 15, 2025Updated last year
- A RunAs clone with the ability to specify the password as an argument.�☆112Jul 2, 2023Updated 2 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆111Jul 15, 2023Updated 2 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- Custom Cobalt Strike stagers using different methods of thread execution and memory allocation☆111May 24, 2020Updated 5 years ago
- ☆223Oct 22, 2023Updated 2 years ago
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- Purple Team Dropper generator using open source templates.☆17May 23, 2024Updated last year
- A Python script to create an administrator account on Joomla! 1.6/1.7/2.5 using a privilege escalation vulnerability☆22Feb 11, 2025Updated last year
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆336Jul 20, 2024Updated last year
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).☆155Jan 21, 2023Updated 3 years ago
- A standalone DLL that exports databases in cleartext once injected in the KeePass process.☆301Mar 1, 2023Updated 2 years ago
- Golang reverse proxy with CobaltStrike malleable profile validation.☆109Jan 19, 2023Updated 3 years ago
- io_uring based network scanner written in Rust☆46Oct 27, 2025Updated 4 months ago
- ☆68Dec 9, 2022Updated 3 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆195Jul 9, 2021Updated 4 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆180Feb 10, 2023Updated 3 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆136Jan 2, 2023Updated 3 years ago
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆65May 1, 2023Updated 2 years ago