A simple embedded Linux backdoor.
☆199Oct 25, 2020Updated 5 years ago
Alternatives and similar repositories for thetick
Users that are interested in thetick are comparing it to the libraries listed below
Sorting:
- ☆67Dec 19, 2018Updated 7 years ago
- Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password hash to…☆180Sep 11, 2023Updated 2 years ago
- A Bind Shell Using the Fax Service and a DLL Hijack☆332May 3, 2020Updated 5 years ago
- ☆128May 22, 2023Updated 2 years ago
- Phantom Tap (PhanTap) - an ‘invisible’ network tap aimed at red teams☆621Oct 6, 2025Updated 4 months ago
- lateral movement techniques that can be used during red team exercises☆273Jan 13, 2020Updated 6 years ago
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- BlueKeep powershell scanner (based on c# code)☆39Nov 11, 2019Updated 6 years ago
- Targeted Payload Execution☆100Apr 9, 2020Updated 5 years ago
- The SSH Multiplex Backdoor Tool☆65Oct 21, 2019Updated 6 years ago
- sploit☆67Dec 21, 2019Updated 6 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆152Jun 3, 2019Updated 6 years ago
- A little tool to convert ccache tickets into kirbi (KRB-CRED) and vice versa based on impacket.☆169Jun 16, 2022Updated 3 years ago
- Miscellaneous C-Sharp projects for red team activities☆24Aug 12, 2022Updated 3 years ago
- SharpDoor is alternative RDPWrap written in C# to allowed multiple RDP (Remote Desktop) sessions by patching termsrv.dll file.☆314Sep 30, 2019Updated 6 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆219Mar 5, 2020Updated 6 years ago
- A tool to create obfuscated HTA script.☆178Jul 2, 2021Updated 4 years ago
- Linux Local Privesc Helper and Agent☆166Dec 2, 2019Updated 6 years ago
- Create a minidump of the LSASS process from memory☆261Nov 2, 2022Updated 3 years ago
- Sustainable shellcode evasion☆112Dec 11, 2024Updated last year
- Evading WinDefender ATP credential-theft☆255Dec 2, 2019Updated 6 years ago
- Inject .Net payloads into other .Net assemblies on disk☆61Dec 12, 2019Updated 6 years ago
- CVE-2018-13379☆254Aug 14, 2019Updated 6 years ago
- Packer and vagrant scripts to automate building Windows and Linux machines on vCenter☆17Jul 7, 2019Updated 6 years ago
- A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2☆139Jan 5, 2023Updated 3 years ago
- Test CVE-2018-0296 and extract usernames☆106Dec 9, 2018Updated 7 years ago
- Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …☆59Mar 8, 2019Updated 6 years ago
- Enumerate information from NTLM authentication enabled web endpoints 🔎☆504Sep 23, 2025Updated 5 months ago
- Silencing Sysmon via driver unload☆235Oct 13, 2022Updated 3 years ago
- A simple script to generate JScript code for calling Win32 API functions using XLM/Excel 4.0 macros via Excel.Application "ExecuteExcel4M…☆91Nov 9, 2019Updated 6 years ago
- CobaltStrike External C2 for Websockets☆197Jul 16, 2019Updated 6 years ago
- Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322☆350Nov 14, 2019Updated 6 years ago
- Pazuzu: Reflective DLL to run binaries from memory☆215Aug 4, 2020Updated 5 years ago
- named pipe server with impersonation☆59May 11, 2019Updated 6 years ago
- Iterative AD discovery toolkit for offensive operations☆85Mar 16, 2020Updated 5 years ago
- Provide a shell like interface by utilizing osquery's distributed API☆82Jun 24, 2020Updated 5 years ago
- ☆272Jul 26, 2022Updated 3 years ago
- Reflective DLL loading of your favorite Golang program☆173Jan 27, 2020Updated 6 years ago
- Library of traffic redirectors☆26Apr 7, 2020Updated 5 years ago