r4wd3r / RID-Hijacking
Windows RID Hijacking persistence technique
☆174Updated 5 months ago
Alternatives and similar repositories for RID-Hijacking:
Users that are interested in RID-Hijacking are comparing it to the libraries listed below
- lateral movement techniques that can be used during red team exercises☆271Updated 5 years ago
- Quick Malicious ClickOnceGenerator for Red Team☆249Updated 4 years ago
- Lateral Movement technique using DCOM and HTA☆233Updated 2 years ago
- DLL Generator for side loading attack☆171Updated 6 years ago
- PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)☆325Updated 6 years ago
- Obfuscated Penetration Testing PowerShell scripts☆146Updated 5 months ago
- Python api for usage with cobalt strike's External C2 specification☆236Updated 2 years ago
- Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password hash to…☆178Updated last year
- DEPRECATED SharpRoast is a C# port of various PowerView's Kerberoasting functionality.☆252Updated 6 years ago
- Collection of awesome Cobalt Strike Aggressor Scripts. All credit due to the authors☆154Updated 6 years ago
- An Insider Threat Toolkit☆151Updated 6 years ago
- Powershell script for enumerating vulnerable DCOM Applications☆257Updated 6 years ago
- Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been se…☆168Updated 4 years ago
- Misc. PowerShell scripts☆117Updated 8 years ago
- Various Cheat Sheets☆181Updated 3 years ago
- Assorted scripts and one off things☆268Updated 8 months ago
- This is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploi…☆144Updated 3 years ago
- PSAmsi is a tool for auditing and defeating AMSI signatures.☆390Updated 7 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆113Updated 5 years ago
- ☆79Updated 8 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆248Updated 4 years ago
- SPF are not as strong as you may think. Red Team tool to send email on behalf of your target corp☆138Updated 4 years ago
- ☆229Updated 6 years ago
- How To Execute Shellcode via HTA☆138Updated 7 years ago
- Inject PowerShell into any process☆230Updated 6 years ago
- Constrained Language Mode + AMSI bypass all in one☆157Updated 5 years ago
- Presentation material presented by Outflank team members at public events.☆187Updated 4 months ago
- ☆177Updated 6 years ago
- The PowerThIEf, an Internet Explorer Post Exploitation library☆130Updated 2 months ago
- ☆169Updated 7 years ago