Aggrokatz is an aggressor plugin extension for Cobalt Strike which enables pypykatz to interface with the beacons remotely and allows it to parse LSASS dump files and registry hive files to extract credentials and other secrets stored without downloading the file and without uploading any suspicious code to the beacon.
☆156Apr 27, 2021Updated 4 years ago
Alternatives and similar repositories for aggrokatz
Users that are interested in aggrokatz are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆143Sep 24, 2021Updated 4 years ago
- Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.☆287Oct 29, 2024Updated last year
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆245Jul 14, 2021Updated 4 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- ☆101Aug 23, 2021Updated 4 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆469Mar 8, 2023Updated 3 years ago
- A beacon generator using Cobalt Strike and a variety of tools.☆448Aug 10, 2021Updated 4 years ago
- Remove API hooks from a Beacon process.☆283Sep 18, 2021Updated 4 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆103Jan 7, 2022Updated 4 years ago
- Agressor script that lists available Cobalt Strike beacon commands and colors them based on their type☆211Mar 18, 2024Updated 2 years ago
- DLL Hijack Search Order Enumeration BOF☆149Nov 3, 2021Updated 4 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆186Jul 21, 2022Updated 3 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 3 years ago
- This aggressor script uses a beacon's note field to indicate the health status of a beacon.☆141Sep 29, 2021Updated 4 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- (kinda) Malicious Outlook Reader☆138Mar 3, 2021Updated 5 years ago
- Cobalt Strike Beacon Object Files☆167May 2, 2022Updated 3 years ago
- Collection of beacon BOF written to learn windows and cobaltstrike☆363Feb 24, 2023Updated 3 years ago
- Vampire is an aggressor script which integrates with BloodHound to mark nodes as owned.☆79Apr 6, 2021Updated 5 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆220Jul 14, 2021Updated 4 years ago
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆140Nov 4, 2020Updated 5 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆382Mar 8, 2023Updated 3 years ago
- AutoStart teamserver and listeners with services☆75Dec 23, 2021Updated 4 years ago
- An interactive command prompt for red teaming and pentesting. Automatically pushes commands through SOCKS4/5 proxies via proxychains. Opt…☆221Aug 23, 2022Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆121Jun 17, 2022Updated 3 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆872Mar 20, 2023Updated 3 years ago
- C# .Net 5.0 project to build BOF (Beacon Object Files) in mass☆25Jul 25, 2023Updated 2 years ago
- EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…☆289Mar 8, 2023Updated 3 years ago
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆774Sep 4, 2024Updated last year
- Self-developed tools for Lateral Movement/Code Execution☆721Aug 17, 2021Updated 4 years ago
- ☆94May 14, 2022Updated 3 years ago
- A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…☆275May 3, 2023Updated 2 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆107Mar 8, 2023Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆220May 3, 2023Updated 2 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆192Jul 14, 2021Updated 4 years ago
- SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.☆1,203Apr 16, 2025Updated 11 months ago
- Cobalt Strike script for ScareCrow payloads intergration (EDR/AV evasion)☆464Jul 15, 2022Updated 3 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆297Aug 18, 2023Updated 2 years ago
- My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+☆1,097Apr 19, 2023Updated 2 years ago
- Cobalt Strike kit for Persistence☆492Jan 27, 2020Updated 6 years ago