paranoidninja / BRC4-Seminar-Stage-IView external linksLinks
These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be found here:
☆22Aug 26, 2023Updated 2 years ago
Alternatives and similar repositories for BRC4-Seminar-Stage-I
Users that are interested in BRC4-Seminar-Stage-I are comparing it to the libraries listed below
Sorting:
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆29Jun 17, 2022Updated 3 years ago
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- malware written for educational purposes☆71Dec 31, 2025Updated last month
- game of active directory (SnapLabs version)☆15Aug 12, 2025Updated 6 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆16Feb 13, 2024Updated 2 years ago
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress☆21Jul 9, 2022Updated 3 years ago
- .NET Project for performing Authenticated Remote Execution☆12Nov 22, 2023Updated 2 years ago
- ☆93Aug 23, 2021Updated 4 years ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆61Aug 31, 2022Updated 3 years ago
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- Reimplementation of the KExecDD DSE bypass technique.☆58Sep 7, 2024Updated last year
- ☆18May 6, 2023Updated 2 years ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆13Jan 15, 2025Updated last year
- Example of async client/server sockets in .NET 5☆17Jun 9, 2021Updated 4 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆53May 21, 2020Updated 5 years ago
- ELF Beacon Object File (BOF) Template☆19Nov 18, 2024Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- miscellaneous codes☆36Sep 24, 2023Updated 2 years ago
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- PoC for detecting and evading ETW detection of .Net Assembly.Load☆21Aug 26, 2020Updated 5 years ago
- Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil☆21Aug 26, 2022Updated 3 years ago
- Windows Access token manipulation tool made in C#☆24Aug 24, 2025Updated 5 months ago
- Small handy tool for crafting shellcodes by hand.☆18Apr 20, 2022Updated 3 years ago
- Brute Ratel External C2 (Microsoft Teams)☆38Dec 11, 2024Updated last year
- An execute-assembly compatible tool for spraying local admin hashes on an Active Directory domain.☆19Apr 30, 2021Updated 4 years ago
- ☆21Aug 26, 2021Updated 4 years ago
- Hides processes from the windows task manager using IAT hooking.☆22Mar 30, 2021Updated 4 years ago
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.☆16Jun 16, 2022Updated 3 years ago
- ADSI based SA tool☆17Apr 9, 2022Updated 3 years ago
- ☆70Apr 21, 2021Updated 4 years ago
- SuperSharpShares is a tool designed to automate enumerating domain shares, allowing for quick verification of accessible shares by your a…☆75May 3, 2024Updated last year
- Run Cobalt Strike BOFs in Brute Ratel C4!☆86Apr 15, 2025Updated 10 months ago
- ☆24Oct 18, 2022Updated 3 years ago
- A Couple of Python Scripts Leveraging MS365's GraphAPI to Send Custom Calendar Events / Emails from Cheap O365 Accounts☆18Apr 19, 2024Updated last year
- A tool for converting SysWhispers2 syscalls for use with Nim projects☆125Dec 22, 2021Updated 4 years ago
- Ansible Cobalt Strike (Docker)☆15Jan 8, 2022Updated 4 years ago
- ☆25Jul 7, 2022Updated 3 years ago
- ☆49Apr 9, 2025Updated 10 months ago