optiv / IvyLinks
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
☆747Updated 2 years ago
Alternatives and similar repositories for Ivy
Users that are interested in Ivy are comparing it to the libraries listed below
Sorting:
- Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation☆994Updated 3 years ago
- A .NET Framework 4.0 Windows Agent☆523Updated last month
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆766Updated last year
- Framework for Kerberos relaying☆939Updated 3 years ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆1,078Updated last year
- Self-developed tools for Lateral Movement/Code Execution☆720Updated 4 years ago
- C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.☆431Updated last year
- BadAssMacros - C# based automated Malicous Macro Generator.☆437Updated 4 years ago
- Get file less command execution for lateral movement.☆634Updated 3 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆829Updated 2 years ago
- ☆538Updated 4 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,360Updated 2 years ago
- NTLM relaying for Windows made easy☆578Updated 2 years ago
- PIC lsass dumper using cloned handles☆594Updated 3 years ago
- ☆433Updated 3 years ago
- SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.☆1,191Updated 9 months ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,163Updated 4 years ago
- Various Cobalt Strike BOFs☆731Updated 3 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆737Updated 2 years ago
- .NET, PE, & Raw Shellcode Packer/Loader Written in Nim☆812Updated 3 years ago
- A unique technique to execute binaries from a password protected zip☆1,039Updated 3 years ago
- PowerShell Script Obfuscator☆588Updated 2 years ago
- Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.☆389Updated 2 years ago
- Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands☆1,011Updated 4 years ago
- XLL Phishing Tradecraft☆431Updated 3 years ago
- ☆473Updated last year
- Hide your payload in DNS☆618Updated 2 years ago
- Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for…☆500Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,001Updated last year
- TCP Port Redirection Utility☆758Updated 3 years ago