Sukoshi is a proof-of-concept Python/C++ implant that leverages the MQTT protocol for C2 and uses AWS IoT Core as infrastructure.
☆47Mar 26, 2022Updated 4 years ago
Alternatives and similar repositories for Sukoshi
Users that are interested in Sukoshi are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆37May 8, 2022Updated 3 years ago
- A fast wordlist to nthash converter☆21Nov 22, 2021Updated 4 years ago
- ☆14Nov 29, 2021Updated 4 years ago
- Like Hell's Gate but more EGG :)☆20Mar 11, 2022Updated 4 years ago
- A flexible tool that creates a minidump of the LSASS process☆14Jan 18, 2022Updated 4 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆94May 14, 2022Updated 3 years ago
- 一个demo☆23Apr 2, 2024Updated 2 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆113Oct 10, 2021Updated 4 years ago
- Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library☆33Sep 23, 2022Updated 3 years ago
- Eddie Vetter - triage macOS applications for security research☆16May 24, 2021Updated 4 years ago
- ☆61Jan 9, 2023Updated 3 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- Polymorphic code obfuscator for use in Red Team operations☆33Apr 13, 2022Updated 3 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆70Feb 3, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- power-kill is a project that kill protected processes (such as EDR or AV) by injecting shellcode into high privilege processes☆48Sep 27, 2021Updated 4 years ago
- CVE-2019-1040 with Kerberos delegation☆33Jun 18, 2021Updated 4 years ago
- Load the evilDLL from socket connection without touch disk☆15Aug 27, 2021Updated 4 years ago
- bypass UAC even when configured to always notify user☆29Aug 31, 2021Updated 4 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…☆104Apr 18, 2022Updated 3 years ago
- ☆43May 14, 2024Updated last year
- ☆20Nov 6, 2023Updated 2 years ago
- redis主从复制windows和Linux 6.x☆11Nov 15, 2021Updated 4 years ago
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆10Aug 18, 2022Updated 3 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Scripts to automate standing up C2 infra with firewall settings inside of DigitalOcean.☆18Feb 5, 2021Updated 5 years ago
- ☆15Aug 17, 2023Updated 2 years ago
- My Blog☆12Feb 4, 2026Updated 2 months ago
- COFF and BOF Loader written in Nim☆173Apr 4, 2026Updated last week
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆31Nov 9, 2021Updated 4 years ago
- This is a simple tool to dump all the reparse points on an NTFS volume.☆33Aug 20, 2020Updated 5 years ago
- cidrgen is based on cidr's subnet IP list generator☆15Aug 21, 2020Updated 5 years ago
- BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs☆186Oct 3, 2021Updated 4 years ago
- Client/server code that impersonates TLS 1.3 to disguise C2 activity.☆73Jul 25, 2022Updated 3 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- A PoC exploit for CVE-2022-41622 - a CSRF in F5 BIG-IP control plane that leads to remote root☆21Oct 20, 2022Updated 3 years ago
- Display Languages Volatile Environment LPE☆12Jun 28, 2025Updated 9 months ago
- Disable PPL via custom driver and dump lsass☆15Mar 13, 2021Updated 5 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆34Sep 15, 2022Updated 3 years ago
- Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.☆283Feb 8, 2024Updated 2 years ago
- ☆44Oct 16, 2023Updated 2 years ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Jun 12, 2022Updated 3 years ago