Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol
☆264Sep 26, 2025Updated 5 months ago
Alternatives and similar repositories for SharpGmailC2
Users that are interested in SharpGmailC2 are comparing it to the libraries listed below
Sorting:
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting☆362Dec 19, 2022Updated 3 years ago
- laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.☆501Jan 10, 2023Updated 3 years ago
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆281Feb 24, 2025Updated last year
- Execute shellcode from a remote-hosted bin file using Winhttp.☆240Jun 22, 2023Updated 2 years ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆401Jan 10, 2025Updated last year
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆483Oct 14, 2022Updated 3 years ago
- A BOF to determine Windows Defender exclusions.☆253Jun 25, 2023Updated 2 years ago
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆322Aug 2, 2023Updated 2 years ago
- WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement☆369Dec 24, 2021Updated 4 years ago
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.☆497Nov 29, 2022Updated 3 years ago
- Native Syscalls Shellcode Injector☆267Jul 2, 2023Updated 2 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆1,470Aug 18, 2023Updated 2 years ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated last year
- A tiny Reverse Sock5 Proxy written in C :V☆315Nov 28, 2022Updated 3 years ago
- A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.☆458Mar 25, 2024Updated last year
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆136Dec 20, 2022Updated 3 years ago
- Go shellcode loader that combines multiple evasion techniques☆389Jun 21, 2023Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- Code Execution & Persistence in NETWORK SERVICE FAX Service☆35Feb 2, 2026Updated last month
- PoCs and tools for investigation of Windows process execution techniques☆953Feb 2, 2026Updated last month
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆675Dec 23, 2022Updated 3 years ago
- Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for…☆502May 16, 2023Updated 2 years ago
- Kernel Mode Driver for Elevating Process Privileges☆132Mar 23, 2023Updated 2 years ago
- HVNC for Cobalt Strike☆1,301Dec 7, 2023Updated 2 years ago
- A C# Command & Control framework☆1,026Mar 28, 2024Updated last year
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆568Jun 5, 2023Updated 2 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆714Mar 4, 2023Updated 3 years ago
- Credential Guard Bypass Via Patching Wdigest Memory☆335Feb 3, 2023Updated 3 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated last year
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,370Oct 27, 2023Updated 2 years ago
- A windows token impersonation tool☆319Apr 19, 2023Updated 2 years ago
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs☆1,230Aug 18, 2023Updated 2 years ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆738May 19, 2023Updated 2 years ago
- Spartacus DLL/COM Hijacking Toolkit☆1,083Feb 1, 2024Updated 2 years ago
- Infect Shared Files In Memory for Lateral Movement☆193Dec 14, 2022Updated 3 years ago
- Terminate AV/EDR Processes using kernel driver☆352Jun 12, 2023Updated 2 years ago
- Sandman is a NTP based backdoor for hardened networks.☆815Mar 31, 2024Updated last year
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆500Jan 23, 2023Updated 3 years ago