optiv / IvyLinks
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
☆745Updated last year
Alternatives and similar repositories for Ivy
Users that are interested in Ivy are comparing it to the libraries listed below
Sorting:
- Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation☆979Updated 2 years ago
- C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.☆415Updated 11 months ago
- Framework for Kerberos relaying☆925Updated 3 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,267Updated last year
- A .NET Framework 4.0 Windows Agent☆494Updated last week
- Self-developed tools for Lateral Movement/Code Execution☆709Updated 3 years ago
- BadAssMacros - C# based automated Malicous Macro Generator.☆426Updated 3 years ago
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆740Updated 10 months ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆983Updated last year
- Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.☆376Updated 2 years ago
- Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…☆867Updated 4 years ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,148Updated 4 years ago
- Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories,…☆721Updated last week
- Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands☆1,004Updated 3 years ago
- SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.☆1,152Updated 3 months ago
- ☆1,012Updated 5 months ago
- My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+☆1,087Updated 2 years ago
- A unique technique to execute binaries from a password protected zip☆1,029Updated 3 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆792Updated last year
- ☆524Updated 3 years ago
- Various Cobalt Strike BOFs☆667Updated 2 years ago
- Get file less command execution for lateral movement.☆626Updated 3 years ago
- .NET, PE, & Raw Shellcode Packer/Loader Written in Nim☆801Updated 2 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆427Updated 3 years ago
- TCP Port Redirection Utility☆726Updated 2 years ago
- ☆791Updated 2 years ago
- Situational Awareness commands implemented using Beacon Object Files☆1,499Updated 2 weeks ago
- "Golden" certificates☆695Updated 11 months ago
- ☆416Updated 2 years ago
- Excel Macro Document Reader/Writer for Red Teamers & Analysts☆523Updated 3 years ago