nccgroup / memscan
Searches for strings, regex, credit card numbers of magnetic stripe card tracks in a Windows process's memory space
☆123 Updated 3 years ago
Related projects:
- A proof of concept demonstrating the use of Google Drive for command and control. ☆82 Updated 6 years ago
- A PowerShell exploit service that opens a reverse HTTP connection via meterpreter ☆117 Updated last year
- A Generic Windows Memory Scraping Tool ☆70 Updated 7 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s… ☆102 Updated 7 years ago
- Windows Share Enumerator ☆125 Updated 5 years ago
- Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software… ☆198 Updated 6 years ago
- This is a simple parser/decrypter for Impacket's esentutl.py utility. It assists with decrypting hashes and hash histories from ntds.… ☆70 Updated 7 years ago
- Meterpreter Scripts that I'm working on ☆171 Updated 5 years ago
- Windows privilege escalation through NTLM Relay and NBNS Spoofing ☆49 Updated 8 years ago
- DNSDelivery provides delivery and in-memory execution of shellcode or .NET assembly using DNS requests delivery channel. ☆146 Updated 4 years ago
- A command line tool for creating malicious Outlook rules ☆156 Updated 5 years ago
- This is a pack of Cortana scripts commonly used on our pentests. ☆68 Updated 9 years ago
- Attack Knowledge Base ☆100 Updated 7 years ago
- A payload stager using PowerShell ☆181 Updated 4 years ago
- A Bring Your Own Land Toolkit that Doubles as a WMI Provider ☆284 Updated 5 years ago
- outis is a custom Remote Administration Tool (RAT) or something like that. It was built to support various transport methods (like DNS) a… ☆122 Updated 7 years ago
- DropboxC2C is a post-exploitation agent which uses Dropbox Infrastructure for command and control operations. ☆145 Updated 5 years ago
- Uses Invoke-Shellcode to execute a payload and persist on the system. ☆111 Updated 7 years ago
- 3 tools that work together to simplify reconnaissance of Windows File Shares ☆161 Updated 6 years ago
- Liniaal - A communication extension to Ruler ☆96 Updated 6 years ago
- Some PoCs for antivirus evasion ☆129 Updated last year
- Security Product Taskbar Icons (to identify from screenshots) ☆56 Updated 4 years ago
- Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool ☆159 Updated last year
- Open-source cross-platform Python security toolkit (remote shell) ☆46 Updated last year