Ps-Tools, an advanced process monitoring toolkit for offensive operations
☆355Dec 1, 2020Updated 5 years ago
Alternatives and similar repositories for Ps-Tools
Users that are interested in Ps-Tools are comparing it to the libraries listed below
Sorting:
- Recon-AD, an AD recon tool based on ADSI and reflective DLL’s☆331Oct 20, 2019Updated 6 years ago
- Miscellaneous Tools☆269Oct 29, 2020Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- Create a minidump of the LSASS process from memory☆261Nov 2, 2022Updated 3 years ago
- Evading WinDefender ATP credential-theft☆255Dec 2, 2019Updated 6 years ago
- A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.☆442Apr 1, 2022Updated 3 years ago
- A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…☆275May 3, 2023Updated 2 years ago
- Agressor script that lists available Cobalt Strike beacon commands and colors them based on their type☆211Mar 18, 2024Updated last year
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆219Jul 14, 2021Updated 4 years ago
- Collection of Beacon Object Files☆633Nov 1, 2022Updated 3 years ago
- Evade sysmon and windows event logging☆625Apr 8, 2020Updated 5 years ago
- .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers☆809Aug 28, 2022Updated 3 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆251Sep 26, 2020Updated 5 years ago
- Lockless allows for the copying of locked files.☆253Apr 30, 2021Updated 4 years ago
- Collection of Offensive C# Tooling☆1,470Feb 6, 2023Updated 3 years ago
- Collection of beacon BOF written to learn windows and cobaltstrike☆362Feb 24, 2023Updated 3 years ago
- LSASS memory dumper using direct system calls and API unhooking.☆1,577Jan 5, 2021Updated 5 years ago
- A Bind Shell Using the Fax Service and a DLL Hijack☆332May 3, 2020Updated 5 years ago
- Process Injection☆766Oct 24, 2021Updated 4 years ago
- Remove API hooks from a Beacon process.☆282Sep 18, 2021Updated 4 years ago
- A simple COM server which provides a component to run shellcode☆149May 12, 2020Updated 5 years ago
- Print Spooler Named Pipe Impersonation for Cobalt Strike☆271Jun 13, 2020Updated 5 years ago
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆595Jul 26, 2021Updated 4 years ago
- Adaptive DLL hijacking / dynamic export forwarding☆807Jul 6, 2020Updated 5 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆220May 3, 2023Updated 2 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF)☆321Nov 9, 2021Updated 4 years ago
- Tool to create hidden registry keys.☆491Oct 23, 2019Updated 6 years ago
- Run shellcode from resource☆259Dec 13, 2020Updated 5 years ago
- Asynchronous Password Spraying Tool in C# for Windows Environments☆316Dec 19, 2023Updated 2 years ago
- Tunnellable HTTP/HTTPS socks4a proxy written in C# and deployable via PowerShell☆498Mar 15, 2023Updated 2 years ago
- Extended Process List (Search functionality)☆29Jan 23, 2021Updated 5 years ago
- C# port of WMImplant which uses either CIM or WMI to query remote systems☆203Jul 14, 2021Updated 4 years ago
- C# port of the Get-AppLockerPolicy PS cmdlet☆100Dec 8, 2022Updated 3 years ago
- Reflective DLL loading of your favorite Golang program☆173Jan 27, 2020Updated 6 years ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,163Mar 31, 2021Updated 4 years ago
- ☆360Apr 24, 2021Updated 4 years ago
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- A Cobalt Strike Aggressor script to generate GadgetToJScript payloads☆101Sep 30, 2020Updated 5 years ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,727Jan 16, 2026Updated last month