optiv / ScareCrowLinks
ScareCrow - Payload creation framework designed around EDR bypass.
☆2,853Updated 2 years ago
Alternatives and similar repositories for ScareCrow
Users that are interested in ScareCrow are comparing it to the libraries listed below
Sorting:
- A post exploitation framework designed to operate covertly on heavily monitored environments☆2,156Updated 4 years ago
- This repo contains some Amsi Bypass methods i found on different Blog Posts.☆2,043Updated 10 months ago
- A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.☆2,031Updated 4 months ago
- Extract credentials from lsass remotely☆2,156Updated 3 months ago
- The swiss army knife of LSASS dumping☆2,013Updated last year
- Template-Driven AV/EDR Evasion Framework☆1,737Updated last year
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,658Updated 3 weeks ago
- ☆2,152Updated 2 years ago
- DeimosC2 is a Golang command and control framework for post-exploitation.☆1,137Updated 6 months ago
- A collaborative, multi-platform, red teaming framework☆4,048Updated last week
- evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)☆1,491Updated last year
- Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure …☆2,645Updated this week
- The Hunt for Malicious Strings☆1,301Updated 5 months ago
- Starkiller is a Frontend for PowerShell Empire.☆1,570Updated last month
- Some notes and examples for cobalt strike's functionality☆1,115Updated 3 years ago
- Identifies the bytes that Microsoft Defender flags on.☆2,525Updated 2 years ago
- ☆1,510Updated 2 years ago
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆1,329Updated last year
- Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.☆1,542Updated 3 years ago
- C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527☆1,935Updated 4 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆1,461Updated 2 years ago
- Situational Awareness commands implemented using Beacon Object Files☆1,583Updated last month
- Open-Source Shellcode & PE Packer☆2,010Updated last year
- Automation for internal Windows Penetrationtest / AD-Security☆3,582Updated last month
- A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.☆2,108Updated last month
- A tool to kill antimalware protected processes☆1,476Updated 4 years ago
- Windows Privilege Escalation from User to Domain Admin.☆1,416Updated 2 years ago
- Mimikatz implementation in pure Python☆3,154Updated last month
- PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.☆2,100Updated last year
- Open source C2 server created for stealth red team operations☆828Updated 3 years ago