Alternatives and similar repositories for WMI-persistence:

Users that are interested in WMI-persistence are comparing it to the libraries listed below

• Cn33liz / SmashedPotato
  ☆84Updated 9 years ago
• 3gstudent / Bypass-Windows-AppLocker
  ☆54Updated 7 years ago
• vletoux / ms17-010-Scanner
  ☆58Updated 7 years ago
• rivet1337 / CS-KickassBot
  A sample bot for Cobalt Strike 3
  ☆22Updated 8 years ago
• Cn33liz / VBSMeter
  VBS Reversed TCP Meterpreter Stager
  ☆86Updated 7 years ago
• killswitch-GUI / Persistence-Survivability
  Powershell Persistence Locator
  ☆66Updated 8 years ago
• p3nt4 / PSUnlock
  ☆19Updated 7 years ago
• Cn33liz / EasySystem
  Quick and dirty System (Power)Shell using NamedPipe impersonation.
  ☆43Updated 8 years ago
• Skons / ms17-0100
  Mixing up CVE and MS like a pro
  ☆24Updated 7 years ago
• Cn33liz / p0shKiller
  ☆63Updated 8 years ago
• Cn33liz / MS17-012
  MS17-012 - COM Session Moniker EoP Exploit running within MSBuild.exe
  ☆59Updated 7 years ago
• 001SPARTaN / csfm
  Cobalt Strike Field Manual - A quick reference for Windows commands that can be accessed in a beacon console.
  ☆64Updated 7 years ago
• stufus / parse-mimikatz-log
  A relatively flexible tool to parse mimikatz output
  ☆35Updated 8 years ago
• 0xbadjuju / Sharpire
  A C# implementation of the PowerShell Empire Agent
  ☆74Updated 5 years ago
• SadProcessor / EmpireDog
  A collection of PowerShell Modules for BloodHound/Empire Orchestration
  ☆106Updated 7 years ago
• secabstraction / Create-WMIshell
  ☆53Updated 9 years ago
• vysecurity / Invoke-ProcessScan
  Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.
  ☆43Updated 7 years ago
• sekirkity / SeeCLRly
  Fileless SQL Server CLR-based Custom Stored Procedure Command Execution
  ☆35Updated 8 years ago
• MatthewDemaske / ThreatHuntingStuff
  Useful Threat Hunting Stuff
  ☆31Updated 4 years ago
• vysecurity / CACTUSTORCH
  CACTUSTORCH: Payload Generation for Adversary Simulations
  ☆75Updated 6 years ago
• Arno0x / ObfuscateCactusTorch
  When CactusTorch meets WebDavDelivery and obfuscation
  ☆63Updated 7 years ago
• V1V1 / Sleight
  Empire HTTP(S) C2 redirector setup script
  ☆47Updated 6 years ago
• 0xbadjuju / PowerProvider
  ☆40Updated 6 years ago
• curtbraz / Invoke-NeutralizeAV
  Quick PoC I Wrote for Bypassing Next Gen AV Remotely for Pentesting
  ☆41Updated 6 years ago
• Cn33liz / SharpCat
  SharpCat - A Simple Reversed Command Shell which can be started using InstallUtil (Bypassing AppLocker)
  ☆46Updated 8 years ago
• Ben0xA / AwesomerShell
  The AwesomerShell Code Sample
  ☆50Updated 9 years ago
• jaredcatkinson / EvilNetConnectionWMIProvider
  ☆79Updated 9 years ago
• darkquasar / WMI_Persistence
  A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics
  ☆85Updated 7 years ago
• 3gstudent / bitsadminexec
  Use bitsadmin to maintain persistence and bypass Autoruns
  ☆66Updated 7 years ago
• vysecurity / PSPunch
  An offensive Powershell console
  ☆30Updated 9 years ago