tmenochet / PowerExecLinks
Offensive tool for fileless lateral movement on Windows networks
☆25Updated last year
Alternatives and similar repositories for PowerExec
Users that are interested in PowerExec are comparing it to the libraries listed below
Sorting:
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆95Updated 3 years ago
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆70Updated 7 months ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆146Updated 3 years ago
- A simple BOF that frees UDRLs☆120Updated 3 years ago
- Tool for playing with Windows Access Token manipulation.☆55Updated 2 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆95Updated 2 years ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆84Updated 2 years ago
- C# Port of LdapRelayScan☆83Updated 3 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Updated 2 years ago
- Implant drop-in for EDR testing☆139Updated last year
- ☆88Updated 2 years ago
- RDPThief donut shellcode inject into mstsc☆87Updated 4 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆103Updated 3 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆90Updated 2 years ago
- Investigation about ACL abusing for Active Directory Certificate Services (AD CS)☆122Updated 3 years ago
- ☆122Updated last year
- RDLL for Cobalt Strike beacon to silence sysmon process☆88Updated 2 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆134Updated 8 months ago
- Run Cobalt Strike BOFs in Brute Ratel C4!☆68Updated last month
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆124Updated 2 years ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆91Updated 3 weeks ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆86Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆113Updated last year
- Collection of Beacon Object Files (BOFs) for shells and lols☆119Updated 3 years ago
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆58Updated 5 years ago
- C# version of NTLMRawUnHide☆72Updated 2 years ago
- ☆110Updated 6 months ago
- ☆141Updated 3 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆137Updated last year
- Do some DLL SideLoading magic☆83Updated last year