Sukoshi is a proof-of-concept Python/C++ implant that leverages the MQTT protocol for C2 and uses AWS IoT Core as infrastructure.
☆47Mar 26, 2022Updated 3 years ago
Alternatives and similar repositories for Sukoshi
Users that are interested in Sukoshi are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆37May 8, 2022Updated 3 years ago
- A fast wordlist to nthash converter☆21Nov 22, 2021Updated 4 years ago
- ☆14Nov 29, 2021Updated 4 years ago
- Like Hell's Gate but more EGG :)☆20Mar 11, 2022Updated 4 years ago
- A flexible tool that creates a minidump of the LSASS process☆14Jan 18, 2022Updated 4 years ago
- ☆94May 14, 2022Updated 3 years ago
- 一个demo☆23Apr 2, 2024Updated last year
- A BOF to interact with COM objects associated with the Windows software firewall.☆109Oct 10, 2021Updated 4 years ago
- Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library☆33Sep 23, 2022Updated 3 years ago
- Eddie Vetter - triage macOS applications for security research☆16May 24, 2021Updated 4 years ago
- ☆61Jan 9, 2023Updated 3 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- Polymorphic code obfuscator for use in Red Team operations☆32Apr 13, 2022Updated 3 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆70Feb 3, 2022Updated 4 years ago
- power-kill is a project that kill protected processes (such as EDR or AV) by injecting shellcode into high privilege processes☆48Sep 27, 2021Updated 4 years ago
- CVE-2019-1040 with Kerberos delegation☆33Jun 18, 2021Updated 4 years ago
- Load the evilDLL from socket connection without touch disk☆15Aug 27, 2021Updated 4 years ago
- bypass UAC even when configured to always notify user☆29Aug 31, 2021Updated 4 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…☆104Apr 18, 2022Updated 3 years ago
- ☆42May 14, 2024Updated last year
- ☆20Nov 6, 2023Updated 2 years ago
- redis主从复制windows和Linux 6.x☆11Nov 15, 2021Updated 4 years ago
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆10Aug 18, 2022Updated 3 years ago
- Scripts to automate standing up C2 infra with firewall settings inside of DigitalOcean.☆18Feb 5, 2021Updated 5 years ago
- My Blog☆12Feb 4, 2026Updated last month
- ☆15Aug 17, 2023Updated 2 years ago
- COFF and BOF Loader written in Nim☆174Aug 1, 2022Updated 3 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆31Nov 9, 2021Updated 4 years ago
- This is a simple tool to dump all the reparse points on an NTFS volume.☆33Aug 20, 2020Updated 5 years ago
- cidrgen is based on cidr's subnet IP list generator☆15Aug 21, 2020Updated 5 years ago
- BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs☆186Oct 3, 2021Updated 4 years ago
- Client/server code that impersonates TLS 1.3 to disguise C2 activity.☆73Jul 25, 2022Updated 3 years ago
- A PoC exploit for CVE-2022-41622 - a CSRF in F5 BIG-IP control plane that leads to remote root☆21Oct 20, 2022Updated 3 years ago
- Display Languages Volatile Environment LPE☆12Jun 28, 2025Updated 8 months ago
- Disable PPL via custom driver and dump lsass☆15Mar 13, 2021Updated 5 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆34Sep 15, 2022Updated 3 years ago
- Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.☆283Feb 8, 2024Updated 2 years ago
- ☆44Oct 16, 2023Updated 2 years ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Jun 12, 2022Updated 3 years ago