robwillisinfo / Invoke-Decoder

Related projects ⓘ

Alternatives and complementary repositories for Invoke-Decoder

• threatexpress / procdot_sandbox
  ProcDot Malware Sandbox
  ☆21Updated 6 years ago
• w1u0u1 / smb2os
  Use smb2 protocol to detect remote computer os version, support win7/server2008-win10/server2019
  ☆59Updated 3 years ago
• WithSecureLabs / RemotePSpy
  RemotePSpy provides live monitoring of remote PowerShell sessions, which is particularly useful for older (pre-5.0) versions of PowerShel…
  ☆18Updated 4 years ago
• Stealthbits / RIDHijackingProofofConceptKJ
  RID Hijacking Proof of Concept script by Kevin Joyce
  ☆15Updated 6 years ago
• password-reset / TrelloC2
  Simple C2 over the Trello API
  ☆37Updated last year
• bohops / IISAppPoolCreds
  Retrieve the IIS Application Pool Credentials. Relies on the WebAdministration PowerShell Module.
  ☆13Updated 6 years ago
• TarlogicSecurity / sepriv
  Tool to manage user privileges
  ☆28Updated 5 years ago
• johneiser / MalleableC2Parser
  A library to parse, modify, and implement Malleable C2 profiles
  ☆21Updated 5 years ago
• OmerYa / Babel-Shellfish
  Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.
  ☆41Updated 6 years ago
• shantanu561993 / heroku-reverse-proxy
  Spin up a reverse proxy quickly on Heroku
  ☆13Updated 3 years ago
• tobiohlala / PSMemory
  Automation Capable Multi Search 64 Bit Windows Memory Scanner
  ☆28Updated 3 years ago
• hausec / CobaltStrikeToGhostWriter
  Log converter from CS log to Ghostwriter CSV
  ☆29Updated 3 years ago
• S3cur3Th1sSh1t / SharpByeBear
  AppXSVC Service race condition - privilege escalation
  ☆27Updated 5 years ago
• OsandaMalith / WindowsInternals
  Experiments on the Windows Internals
  ☆30Updated 5 years ago
• secgroundzero / SharpAttack
  C# Situational Awareness Script
  ☆34Updated 5 years ago
• cedowens / Mod_Rewrite_Automation
  Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.
  ☆46Updated 3 years ago
• DimopoulosElias / SimpleMimikatzObfuscator
  A set of commands to bypass Defender (and some other AVs)
  ☆18Updated 5 years ago
• nccgroup / UninstalledAppCanary
  A Canary which fires when uninstalled
  ☆34Updated 3 years ago
• benyG / RProcDump
  Remote process dumping automation. Use it to dump Windows credentials remotely and extract clear text with Mimikatz offline
  ☆35Updated 4 years ago
• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• jnqpblc / Misc-PowerShell
  Miscellaneous PowerShell scripts for red team activities
  ☆16Updated last week
• LaresLLC / AzureTokenExtractor
  Extracts Azure authentication tokens from PowerShell process minidumps.
  ☆23Updated last year
• dsnezhkov / RunDllMShim
  Run Managed Assemblies with RunDll
  ☆16Updated 6 years ago
• ahhh / GoRedShell
  A cross platform tool for verifying credentials and executing single commands
  ☆32Updated 5 years ago
• jsecurity101 / jsecurity101
  ☆14Updated 7 months ago
• whiteHat001 / MIcrosoft-Word-Use-After-Free
  ☆15Updated 4 years ago
• 3gstudent / PasswordFilter
  2 ways of Password Filter DLL to record the plaintext password
  ☆62Updated 3 years ago
• tevora-threat / c2_reporter
  Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials
  ☆20Updated 3 years ago