Slides and Code for the BHUSA 2019 talk: Flying a False Flag
☆238Nov 8, 2019Updated 6 years ago
Alternatives and similar repositories for FlyingAFalseFlag
Users that are interested in FlyingAFalseFlag are comparing it to the libraries listed below
Sorting:
- Petaq - Purple Team Command & Control Server☆105Dec 8, 2022Updated 3 years ago
- SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.☆110Jan 20, 2021Updated 5 years ago
- ☆169Dec 8, 2022Updated 3 years ago
- Automate AV evasion by calling AMSI☆88May 31, 2023Updated 2 years ago
- C# Targeted Attack Reconnissance Tools☆120Jan 11, 2021Updated 5 years ago
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- ☆110May 14, 2018Updated 7 years ago
- SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approa…☆290Aug 7, 2020Updated 5 years ago
- CobaltStrike External C2 for Websockets☆197Jul 16, 2019Updated 6 years ago
- lateral movement techniques that can be used during red team exercises☆273Jan 13, 2020Updated 6 years ago
- Ps-Tools, an advanced process monitoring toolkit for offensive operations☆355Dec 1, 2020Updated 5 years ago
- Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password hash to…☆180Sep 11, 2023Updated 2 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆219Mar 5, 2020Updated 6 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆251Sep 26, 2020Updated 5 years ago
- .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers☆808Aug 28, 2022Updated 3 years ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,729Jan 16, 2026Updated last month
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆158Jun 10, 2019Updated 6 years ago
- Lateral Movement technique using DCOM and HTA☆235Oct 18, 2022Updated 3 years ago
- A C# implementation of PrivExchange by @_dirkjan.☆155Mar 15, 2019Updated 6 years ago
- FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.☆254May 1, 2023Updated 2 years ago
- A Bring Your Own Land Toolkit that Doubles as a WMI Provider☆289Oct 31, 2018Updated 7 years ago
- Process Injection☆766Oct 24, 2021Updated 4 years ago
- Constrained Language Mode + AMSI bypass all in one☆157Jul 29, 2019Updated 6 years ago
- dem sharp donuts☆202Sep 11, 2022Updated 3 years ago
- Aggressor Script to Execute Assemblies from Github☆71Nov 30, 2020Updated 5 years ago
- Proper Payload Protection Prevents Poor Performance☆76Jul 27, 2022Updated 3 years ago
- Silencing Sysmon via driver unload☆235Oct 13, 2022Updated 3 years ago
- External C2 Using IE COM Objects☆101Feb 24, 2019Updated 7 years ago
- ☆198Mar 19, 2020Updated 5 years ago
- ☆281Dec 30, 2020Updated 5 years ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. It will automatically g…☆98Oct 13, 2022Updated 3 years ago
- ☆210Jan 30, 2019Updated 7 years ago
- ObscurityLabs RedTeam C# Toolkit☆123Sep 3, 2019Updated 6 years ago
- Port of Invoke-Excel4DCOM☆104Oct 12, 2019Updated 6 years ago
- Reflective DLL loading of your favorite Golang program☆173Jan 27, 2020Updated 6 years ago
- PoC for proxying COM objects when hijacking☆214Sep 10, 2019Updated 6 years ago
- Evading WinDefender ATP credential-theft☆255Dec 2, 2019Updated 6 years ago
- ☆351Feb 21, 2022Updated 4 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆152Jun 3, 2019Updated 6 years ago