nmantani / archiver-MOTW-support-comparisonView external linksLinks
☆259Oct 7, 2025Updated 4 months ago
Alternatives and similar repositories for archiver-MOTW-support-comparison
Users that are interested in archiver-MOTW-support-comparison are comparing it to the libraries listed below
Sorting:
- ☆225Oct 22, 2023Updated 2 years ago
- Patch AMSI and ETW☆250May 8, 2024Updated last year
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆1,083Jun 10, 2024Updated last year
- A C# utility for interacting with SCCM☆682Aug 20, 2025Updated 5 months ago
- ☆385Jan 19, 2023Updated 3 years ago
- ☆113Oct 10, 2022Updated 3 years ago
- Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.☆148Sep 8, 2022Updated 3 years ago
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,369Oct 22, 2025Updated 3 months ago
- Spartacus DLL/COM Hijacking Toolkit☆1,083Feb 1, 2024Updated 2 years ago
- ☆1,117Jan 6, 2026Updated last month
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆146May 18, 2024Updated last year
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆101Mar 27, 2022Updated 3 years ago
- POC tool to convert CobaltStrike BOF files to raw shellcode☆220Nov 5, 2021Updated 4 years ago
- ☆612Jul 21, 2025Updated 6 months ago
- a tool to help operate in EDRs' blind spots☆769Dec 2, 2024Updated last year
- RDLL for Cobalt Strike beacon to silence sysmon process☆92Sep 9, 2022Updated 3 years ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆272Sep 14, 2023Updated 2 years ago
- MS-FSRVP coercion abuse PoC☆305Dec 30, 2021Updated 4 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆671Aug 15, 2025Updated 5 months ago
- ☆246Jul 31, 2024Updated last year
- "Golden" certificates☆710Aug 17, 2024Updated last year
- D/Invoke implementation in Nim☆103Jun 8, 2022Updated 3 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆66Aug 29, 2023Updated 2 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- A standalone DLL that exports databases in cleartext once injected in the KeePass process.☆302Mar 1, 2023Updated 2 years ago
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…☆1,628Aug 6, 2022Updated 3 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆373May 24, 2022Updated 3 years ago
- Threadless Process Injection using remote function hooking.☆808Sep 4, 2024Updated last year
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Jun 21, 2022Updated 3 years ago
- Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs☆127May 24, 2022Updated 3 years ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆386Feb 23, 2024Updated last year
- Aims to identify sleeping beacons☆659Jan 25, 2026Updated 2 weeks ago
- Enumerate and disable common sources of telemetry used by AV/EDR.☆819Mar 11, 2021Updated 4 years ago
- TCP Port Redirection Utility☆760Jan 31, 2023Updated 3 years ago
- ☆827Sep 9, 2022Updated 3 years ago
- ☆424Apr 22, 2025Updated 9 months ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆243Jan 4, 2023Updated 3 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,004Jun 4, 2024Updated last year
- A .NET tool for exporting and importing certificates without touching disk.☆499Oct 8, 2021Updated 4 years ago