sec-consult / aggrokatz
Aggrokatz is an aggressor plugin extension for Cobalt Strike which enables pypykatz to interface with the beacons remotely and allows it to parse LSASS dump files and registry hive files to extract credentials and other secrets stored without downloading the file and without uploading any suspicious code to the beacon.
☆157Updated 3 years ago
Alternatives and similar repositories for aggrokatz:
Users that are interested in aggrokatz are comparing it to the libraries listed below
- PickleC2 is a post-exploitation and lateral movements framework☆91Updated 3 years ago
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus☆226Updated 3 years ago
- pyCobaltHound is an Aggressor script extension for Cobalt Strike which aims to provide a deep integration between Cobalt Strike and Blood…☆137Updated last year
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆230Updated 2 years ago
- Convert Cobalt Strike profiles to IIS web.config files☆112Updated 3 years ago
- Extendable payload obfuscation and delivery framework☆143Updated 2 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆191Updated 3 years ago
- Simple rapper for Mimikatz, bypass Defender☆140Updated 3 years ago
- My CobaltStrike BOFS☆163Updated 2 years ago
- Pass the Hash to a named pipe for token Impersonation☆141Updated 3 years ago
- DLL Hijack Search Order Enumeration BOF☆147Updated 3 years ago
- CVE-2021-40444☆65Updated 3 years ago
- Spray a hash via smb to check for local administrator access☆140Updated 4 years ago
- Beacon Object File PoC implementation of KillDefender☆223Updated 2 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆215Updated last year
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆183Updated 3 years ago
- ☆129Updated 4 years ago
- ☆157Updated 2 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆240Updated 3 years ago
- Bypassing AppLocker with C#☆138Updated 3 years ago
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆125Updated 3 years ago
- This aggressor script uses a beacon's note field to indicate the health status of a beacon.☆141Updated 3 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆182Updated 2 years ago
- Python port of MailSniper to exfiltrate emails via EWS endpoint☆87Updated 3 years ago
- ☆68Updated 4 years ago
- An on-the-fly Powershell script obfuscator meant for red team engagements. Built out of necessity.☆141Updated 3 years ago
- Tool for interacting with outlook interop during red team engagements☆143Updated 3 years ago
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.☆146Updated 4 years ago
- This project is 'bridge' between the sleep and python language. It allows the control of a Cobalt Strike teamserver through python withou…☆182Updated last year
- .NET implementation of Get-GPPPassword. Retrieves the plaintext password and other information for accounts pushed through Group Policy P…☆172Updated 5 years ago