ricardojoserf / covert-control
Google Drive, OneDrive and Youtube as covert-channels - Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram
☆62Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for covert-control
- RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.☆57Updated 2 years ago
- Tool to manipulate and weaponize Office Open XML documents.☆68Updated last year
- ☆47Updated 3 years ago
- In progress persistent download/upload/execution tool using Windows BITS.☆42Updated 3 years ago
- Finding SSL Blindspots for Red Teams☆30Updated 4 years ago
- SMB Auto Relay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environme…☆47Updated 3 years ago
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆90Updated 2 years ago
- Windows TCPIP Finger Command / C2 Channel and Bypassing Security Software☆65Updated last year
- PyQT5 app for LOLBAS and GTFOBins☆45Updated 2 years ago
- C# and Impacket implementation (here with Kerberos auth support) of PrintNightmare CVE-2021-1675/CVE-2021-34527☆29Updated 3 years ago
- Notification webhook for GoPhish☆52Updated 5 months ago
- Tool to transfer credential files from Firefox to your local machine to decrypt offline.☆23Updated 2 years ago
- PickleC2 is a post-exploitation and lateral movements framework☆83Updated 3 years ago
- Invoke-SocksProxy is a PowerShell script designed to create reverse proxies.☆45Updated 3 years ago
- Super organized and flexible script for sending phishing campaigns☆54Updated 2 years ago
- Stealthy Stand Alone PHP Web Shell☆33Updated 5 years ago
- Red Team tool for exfiltrating the target organization's Google People Directory that you have access to, via Google's API.☆59Updated 3 years ago
- A Red Team tool for exfiltrating sensitive data from Jira tickets.☆84Updated last year
- CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.☆34Updated 2 years ago
- Simple C2 over the Trello API☆37Updated last year
- A tool to password spray Jenkins instances☆52Updated 5 years ago
- Azur3Alph4 is a PowerShell module that automates red-team tasks for ops on objective. This module situates in a post-breach (RCE achieved…☆62Updated 3 years ago
- Convert ldapdomaindump to Bloodhound☆76Updated 10 months ago
- A Golang implant that uses Slack as a command and control server☆45Updated 4 years ago
- A curated list of tools and techniques written from experience in weaponization of malware☆34Updated last year
- Distributed phishing framework designed to streamline offensive security phishing☆39Updated last year
- ☆24Updated 3 years ago
- Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-ac…☆98Updated 4 months ago
- Creates and sends fake meeting invite☆51Updated 3 years ago