rasta-mouse / AMSITrigger
The Hunt for Malicious Strings
☆11Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for AMSITrigger
- D/Invoke port of UrbanBishop☆29Updated 3 years ago
- ☆37Updated 6 years ago
- Demos of Donut used in conferences, etc. Mostly for my use, but free for others to use as a reference.☆30Updated 5 years ago
- A script that can be deployed to Azure App for C2 / Proxy / Redirector☆35Updated 5 years ago
- Python 3 server used to control SK8RAT implant☆34Updated 3 years ago
- ☆16Updated 3 years ago
- An Ansible role to install cobalt-strike☆16Updated 4 years ago
- Simple .NET assembly to interact with services.☆38Updated 5 years ago
- A C port of b33f's UrbanBishop☆37Updated 4 years ago
- C# project to Reflectively load .Net assemblies in memory☆17Updated 4 months ago
- Generate Apache mod_rewrite rules for Mythic C2 profiles☆26Updated 3 years ago
- Extended Process List (Search functionality)☆27Updated 3 years ago
- ☆43Updated 3 years ago
- ☆28Updated 6 years ago
- Source code in Win32 ASM and C for a shellcode execution wrapper designed to mitigate the risk of shellcode execution on a host other tha…☆19Updated 8 years ago
- Initial Commit of Coresploit☆55Updated 3 years ago
- A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just do…☆41Updated 6 years ago
- PoC code from blog☆16Updated 4 years ago
- ☆45Updated 3 years ago
- Get or remove RunMRU values☆52Updated 4 years ago
- Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials☆20Updated 3 years ago
- Quick and dirty .net console app for querying mssql servers.☆20Updated 6 years ago
- A more obfuscated CactusTorch targeted towards office☆31Updated 3 years ago
- Weaponizing CLRvoyance for Post-Ex .NET Execution☆35Updated 3 years ago
- Easily serve HTTP and DNS keys for proper payload protection☆60Updated 6 years ago
- SharpSvc is a simple code set to interact with the SC Manager API and is compatible with Cobalt Strike.☆25Updated last year
- Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)☆25Updated 4 years ago
- Timestomping module: overwrite file create/modify times in .NET (no pinvoke)☆22Updated 2 years ago
- RID Hijacking Proof of Concept script by Kevin Joyce☆15Updated 6 years ago
- Protect your servers with a secret header☆28Updated 4 years ago