EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.
☆68Sep 20, 2024Updated last year
Alternatives and similar repositories for EC2StepShell
Users that are interested in EC2StepShell are comparing it to the libraries listed below
Sorting:
- Golang Shlyuz Implant Implementation☆13May 23, 2025Updated 9 months ago
- Bash tool used for proactive detection of malicious activity on macOS systems.☆39Sep 29, 2025Updated 5 months ago
- ☆39Nov 25, 2025Updated 3 months ago
- Cloud Exploit Framework☆112May 11, 2022Updated 3 years ago
- FireProx written in Go☆20Apr 13, 2024Updated last year
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆31Feb 26, 2024Updated 2 years ago
- Beacon Object Files used for Cobalt Strike☆19Jul 18, 2023Updated 2 years ago
- Python tool to find vulnerable AD object and generating csv report☆26Jul 4, 2022Updated 3 years ago
- Scripts that I've written that others may find useful☆14Aug 17, 2022Updated 3 years ago
- ☆12Jun 22, 2022Updated 3 years ago
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- Attempt zone transfers on domains☆18Jul 12, 2021Updated 4 years ago
- ☆19Dec 18, 2024Updated last year
- Chromium Cookie import / export tool☆11Jul 21, 2024Updated last year
- ShuckNT is the script of Shuck.sh online service for on-premise use. It is design to dowgrade, convert, dissect and shuck authentication …☆79Oct 18, 2024Updated last year
- Small utility script to notify via Slack about Hashcat's progress during a password cracking session☆10Mar 10, 2019Updated 7 years ago
- Monitor your target continuously for new subdomains!☆25Mar 18, 2023Updated 3 years ago
- Community Eventing and Scripting examples☆18Aug 11, 2025Updated 7 months ago
- Retrieve AD accounts description and search for password in it☆81Jul 21, 2022Updated 3 years ago
- A user enumeration tool for Slack.☆36Jun 10, 2024Updated last year
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- ☆198Jan 18, 2023Updated 3 years ago
- RepoReaper is an automated tool crafted to meticulously scan and identify exposed .git repositories within specified domains and their su…☆35Feb 20, 2024Updated 2 years ago
- AAD related enumeration in Nim☆131Sep 7, 2023Updated 2 years ago
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 5 years ago
- ☆16Oct 18, 2024Updated last year
- Determine privileges from cloud credentials via brute-force testing.☆69Aug 22, 2024Updated last year
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆286Jun 8, 2023Updated 2 years ago
- ☆155Mar 5, 2026Updated 2 weeks ago
- A prototype malware C2 channel using x509 certificates over mTLS☆152Mar 15, 2024Updated 2 years ago
- GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments☆89Jun 22, 2024Updated last year
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆34Nov 13, 2023Updated 2 years ago
- An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data.☆31May 23, 2025Updated 9 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆32May 30, 2024Updated last year
- Exploitation of CVE-2025-29969☆53Feb 20, 2026Updated last month
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆150May 3, 2024Updated last year
- Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Si…☆79Jan 13, 2026Updated 2 months ago
- A Slack bot phishing framework for Red Teaming exercises☆166Apr 27, 2024Updated last year
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆35Mar 28, 2023Updated 2 years ago