sec-consult / aggrokatz
Aggrokatz is an aggressor plugin extension for Cobalt Strike which enables pypykatz to interface with the beacons remotely and allows it to parse LSASS dump files and registry hive files to extract credentials and other secrets stored without downloading the file and without uploading any suspicious code to the beacon.
☆156Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for aggrokatz
- pyCobaltHound is an Aggressor script extension for Cobalt Strike which aims to provide a deep integration between Cobalt Strike and Blood…☆134Updated last year
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus☆225Updated 2 years ago
- Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon☆322Updated 2 years ago
- PickleC2 is a post-exploitation and lateral movements framework☆83Updated 3 years ago
- Extendable payload obfuscation and delivery framework☆141Updated 2 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆189Updated 3 years ago
- Simple rapper for Mimikatz, bypass Defender☆139Updated 3 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…☆102Updated 2 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆231Updated 2 years ago
- Convert Cobalt Strike profiles to IIS web.config files☆110Updated 3 years ago
- Pass the Hash to a named pipe for token Impersonation☆140Updated 3 years ago
- Spray a hash via smb to check for local administrator access☆140Updated 3 years ago
- Beacon Object File PoC implementation of KillDefender☆214Updated 2 years ago
- This aggressor script uses a beacon's note field to indicate the health status of a beacon.☆138Updated 3 years ago
- The vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment …☆42Updated 2 years ago
- My CobaltStrike BOFS☆159Updated 2 years ago
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆120Updated 3 years ago
- C# tool to discover low hanging fruits☆89Updated last year
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆121Updated 3 years ago
- Python port of MailSniper to exfiltrate emails via EWS endpoint☆85Updated 2 years ago
- Zipper, a CobaltStrike file and folder compression utility.☆189Updated 4 years ago
- Multi platform toolkit for an interactive DNS shell commands exfiltration, by using DNS-Cat you will be able to execute system commands i…☆109Updated 2 years ago
- A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.☆124Updated last year
- Koppeling x Metatwin x LazySign☆203Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆232Updated 3 years ago
- Agressor script that lists available Cobalt Strike beacon commands and colors them based on their type☆189Updated 7 months ago
- Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.☆267Updated last week
- Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)☆180Updated 3 years ago