optiv / Registry-Recon
Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon
☆326Updated 2 years ago
Alternatives and similar repositories for Registry-Recon:
Users that are interested in Registry-Recon are comparing it to the libraries listed below
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus☆229Updated 3 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…☆265Updated 4 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆378Updated 2 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆232Updated 2 years ago
- Pass the Hash to a named pipe for token Impersonation☆302Updated last year
- ☆293Updated 10 months ago
- Extendable payload obfuscation and delivery framework☆143Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆298Updated 2 years ago
- Beacon Object File PoC implementation of KillDefender☆227Updated 3 years ago
- ☆158Updated 3 years ago
- MS-FSRVP coercion abuse PoC☆288Updated 3 years ago
- Pure C++, weaponized, fully automated implementation of RottenPotatoNG☆307Updated 3 years ago
- WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement☆366Updated 3 years ago
- C# Lsass parser☆291Updated 3 years ago
- My CobaltStrike BOFS☆164Updated 2 years ago
- Active Directory password spraying tool. Auto fetches user list and avoids potential lockouts.☆130Updated 3 years ago
- Proof-of-concept tools for my AD Forest trust research☆209Updated 10 months ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆219Updated 2 years ago
- GUI alternative to the Rubeus command line tool, for all your Kerberos exploit requirements☆181Updated 3 years ago
- Persistence by writing/reading shellcode from Event Log☆371Updated 2 years ago
- Collection of beacon BOF written to learn windows and cobaltstrike☆347Updated 2 years ago
- A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…☆268Updated 2 years ago
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆257Updated 2 years ago
- Collection of tested Cobaltstrike aggressor scripts.☆116Updated 5 years ago
- Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)☆275Updated 3 years ago
- A little tool to play with the Seclogon service☆312Updated 2 years ago
- Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File☆198Updated 4 years ago
- .NET implementation of Get-GPPPassword. Retrieves the plaintext password and other information for accounts pushed through Group Policy P…☆173Updated 5 years ago
- Agressor script that lists available Cobalt Strike beacon commands and colors them based on their type☆205Updated last year
- C# version of Powermad☆165Updated last year