optiv / Ivy
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
☆744Updated last year
Alternatives and similar repositories for Ivy:
Users that are interested in Ivy are comparing it to the libraries listed below
- Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation☆961Updated 2 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,210Updated last year
- SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.☆1,093Updated this week
- Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.☆361Updated last year
- My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+☆1,075Updated 2 years ago
- A .NET Framework 4.0 Windows Agent☆471Updated last week
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆912Updated 10 months ago
- Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…☆859Updated 4 years ago
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆709Updated 7 months ago
- Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands☆995Updated 3 years ago
- ☆518Updated 3 years ago
- C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.☆396Updated 7 months ago
- Framework for Kerberos relaying☆906Updated 2 years ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,140Updated 4 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆921Updated 10 months ago
- BadAssMacros - C# based automated Malicous Macro Generator.☆414Updated 3 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆758Updated last year
- Various Cobalt Strike BOFs☆630Updated 2 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆455Updated 2 years ago
- Self-developed tools for Lateral Movement/Code Execution☆706Updated 3 years ago
- NTLM relaying for Windows made easy☆561Updated last year
- Another Windows Local Privilege Escalation from Service Account to System☆843Updated 2 years ago
- ☆768Updated 2 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆1,308Updated last year
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads☆382Updated 3 years ago
- ☆469Updated 5 months ago
- Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories,…☆706Updated last year
- ☆955Updated last month
- Nim-based assembly packer and shellcode loader for opsec & profit☆471Updated 2 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆653Updated last year