Small scripts that make life better
☆300Jan 31, 2025Updated last year
Alternatives and similar repositories for Scripts
Users that are interested in Scripts are comparing it to the libraries listed below
Sorting:
- PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)☆328Mar 26, 2019Updated 6 years ago
- ☆281Dec 30, 2020Updated 5 years ago
- Service Enumeration C# .NET Assembly☆58Sep 14, 2021Updated 4 years ago
- Aggressor Script to Execute Assemblies from Github☆71Nov 30, 2020Updated 5 years ago
- Basic password spraying tool for internal tests and red teaming☆88Mar 21, 2020Updated 5 years ago
- Evading WinDefender ATP credential-theft☆255Dec 2, 2019Updated 6 years ago
- Process Injection☆766Oct 24, 2021Updated 4 years ago
- Recon-AD, an AD recon tool based on ADSI and reflective DLL’s☆331Oct 20, 2019Updated 6 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆158Jun 10, 2019Updated 6 years ago
- ☆181Feb 3, 2021Updated 5 years ago
- Excel 4.0 (XLM) Macro Generator for injecting DLLs and EXEs into memory.☆513Sep 23, 2020Updated 5 years ago
- A C# tool to search through a running instance of Outlook for keywords☆111Jan 14, 2021Updated 5 years ago
- Ps-Tools, an advanced process monitoring toolkit for offensive operations☆355Dec 1, 2020Updated 5 years ago
- C# port of WMImplant which uses either CIM or WMI to query remote systems☆203Jul 14, 2021Updated 4 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆251Sep 26, 2020Updated 5 years ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆2,232Dec 27, 2023Updated 2 years ago
- Miscellaneous Tools☆269Oct 29, 2020Updated 5 years ago
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆140Nov 4, 2020Updated 5 years ago
- Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration feature…☆301Apr 25, 2023Updated 2 years ago
- PoC of a VBA macro spawning a process with a spoofed parent and command line.☆381Apr 28, 2020Updated 5 years ago
- SharpClipHistory is a .NET application written in C# that can be used to read the contents of a user's clipboard history in Windows 10 st…☆200Jan 23, 2020Updated 6 years ago
- C# port of the Get-AppLockerPolicy PS cmdlet☆100Dec 8, 2022Updated 3 years ago
- This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes thr…☆196Jul 26, 2020Updated 5 years ago
- Automate AV evasion by calling AMSI☆88May 31, 2023Updated 2 years ago
- Presentation material presented by Outflank team members at public events.☆191Oct 1, 2025Updated 4 months ago
- Spray a hash via smb to check for local administrator access☆142Feb 7, 2021Updated 5 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆219Jul 14, 2021Updated 4 years ago
- dem sharp donuts☆202Sep 11, 2022Updated 3 years ago
- Port of Invoke-Excel4DCOM☆104Oct 12, 2019Updated 6 years ago
- A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…☆275May 3, 2023Updated 2 years ago
- Tool to create hidden registry keys.☆491Oct 23, 2019Updated 6 years ago
- A quick tool for hiding a new process running shellcode.☆57Jun 10, 2020Updated 5 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆218Mar 5, 2020Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF)☆321Nov 9, 2021Updated 4 years ago
- Also known by Microsoft as Knifecoat☆1,153Dec 22, 2022Updated 3 years ago
- Print Spooler Named Pipe Impersonation for Cobalt Strike☆271Jun 13, 2020Updated 5 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,606Jul 10, 2023Updated 2 years ago
- Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.☆152Sep 3, 2020Updated 5 years ago