roobixx / EventLogForRedTeamsLinks
Simple PoC from Malicious Payload Injection from Windows Event Log Entry
☆28Updated 3 years ago
Alternatives and similar repositories for EventLogForRedTeams
Users that are interested in EventLogForRedTeams are comparing it to the libraries listed below
Sorting:
- A module for CME that spiders across a domain.☆35Updated 3 years ago
- Federated Office365 user enumeration based on correlated response trend analysis☆51Updated 3 years ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later☆93Updated 2 years ago
- Retrieve AD accounts description and search for password in it☆82Updated 3 years ago
- A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools☆88Updated 2 years ago
- ☆85Updated 2 years ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆42Updated 6 months ago
- BloodCheck enables Red and Blue Teams to manage multiple Neo4j databases and run Cypher queries against a BloodHound dataset.☆17Updated 4 years ago
- Updated version of PowerDNS by @domchell. Adds support for transfers over DNS A records and a few other useful features.☆84Updated 2 years ago
- RDP Checker☆64Updated last year
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆56Updated 3 years ago
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆91Updated 3 years ago
- ☆39Updated last year
- ☆44Updated last year
- Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.☆98Updated last year
- ☆43Updated 3 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆88Updated 3 years ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.☆122Updated 3 years ago
- C# version of NTLMRawUnHide☆72Updated 3 years ago
- My BloodHound custom queries☆26Updated 2 years ago
- ☆74Updated 4 months ago
- Some scripts to support with importing large datasets into BloodHound☆79Updated last year
- A script that parses PowerView's output for GPO analysis. Integrated into bloodhound to find misconfigurations of URA, SMB signing etc☆15Updated 5 years ago
- Golang search engine scraper intended for identification of published ClickOnce deployments☆86Updated 11 months ago
- Exchangelib wrapper for pentesting☆66Updated 8 months ago
- ☆39Updated 3 years ago
- PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10…☆35Updated 3 years ago
- Weaponising C# - Fundamentals Training Content☆70Updated 4 years ago
- An Ansible role for installing Cobalt Strike.☆81Updated last week
- Add SD for controlled computer object to a target object for RBCD using LDAP☆37Updated 3 years ago