rasta-mouse / AMSITrigger

Related projects ⓘ

Alternatives and complementary repositories for AMSITrigger

• rvrsh3ll / RuralBishop
  D/Invoke port of UrbanBishop
  ☆29Updated 3 years ago
• ThunderGunExpress / Thunder_Woosus
  ☆37Updated 6 years ago
• TheWover / donut-demos
  Demos of Donut used in conferences, etc. Mostly for my use, but free for others to use as a reference.
  ☆30Updated 5 years ago
• vysecurity / AzureAppC2
  A script that can be deployed to Azure App for C2 / Proxy / Redirector
  ☆35Updated 5 years ago
• slyd0g / SK8PARK
  Python 3 server used to control SK8RAT implant
  ☆34Updated 3 years ago
• warferik / CVE-2019-3980
  ☆16Updated 3 years ago
• jfmaes / Ansible-Cobalt-Strike
  An Ansible role to install cobalt-strike
  ☆16Updated 4 years ago
• djhohnstein / SharpSC
  Simple .NET assembly to interact with services.
  ☆38Updated 5 years ago
• SolomonSklash / SeasideBishop
  A C port of b33f's UrbanBishop
  ☆37Updated 4 years ago
• m8sec / EAPrimer
  C# project to Reflectively load .Net assemblies in memory
  ☆17Updated 4 months ago
• threatexpress / mythic2modrewrite
  Generate Apache mod_rewrite rules for Mythic C2 profiles
  ☆26Updated 3 years ago
• thesnoom / extps-cobalt-strike-bof
  Extended Process List (Search functionality)
  ☆27Updated 3 years ago
• CCob / PwnyForm
  ☆43Updated 3 years ago
• ThunderGunExpress / ThunderMSI
  ☆28Updated 6 years ago
• stufus / shellcode-implant-stub
  Source code in Win32 ASM and C for a shellcode execution wrapper designed to mitigate the risk of shellcode execution on a host other tha…
  ☆19Updated 8 years ago
• checkymander / CoreSploit
  Initial Commit of Coresploit
  ☆55Updated 3 years ago
• TestingPens / CPLDropper
  A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just do…
  ☆41Updated 6 years ago
• trustedsec / inProc_Evade_Get-InjectedThread
  PoC code from blog
  ☆16Updated 4 years ago
• xan7r / Misc
  ☆45Updated 3 years ago
• 0xthirteen / CleanRunMRU
  Get or remove RunMRU values
  ☆52Updated 4 years ago
• tevora-threat / c2_reporter
  Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials
  ☆20Updated 3 years ago
• tevora-threat / SharpSQL
  Quick and dirty .net console app for querying mssql servers.
  ☆20Updated 6 years ago
• sussurro / BetterTorch
  A more obfuscated CactusTorch targeted towards office
  ☆31Updated 3 years ago
• kyleavery / ThirdEye
  Weaponizing CLRvoyance for Post-Ex .NET Execution
  ☆35Updated 3 years ago
• leoloobeek / keyserver
  Easily serve HTTP and DNS keys for proper payload protection
  ☆60Updated 6 years ago
• jnqpblc / SharpSvc
  SharpSvc is a simple code set to interact with the SC Manager API and is compatible with Cobalt Strike.
  ☆25Updated last year
• vletoux / OxidBindings
  Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)
  ☆25Updated 4 years ago
• kafkaesqu3 / SharpStomp
  Timestomping module: overwrite file create/modify times in .NET (no pinvoke)
  ☆22Updated 2 years ago
• Stealthbits / RIDHijackingProofofConceptKJ
  RID Hijacking Proof of Concept script by Kevin Joyce
  ☆15Updated 6 years ago
• rvrsh3ll / FlaskRedirectorProtector
  Protect your servers with a secret header
  ☆28Updated 4 years ago