tmenochet / PowerExecLinks
Offensive tool for fileless lateral movement on Windows networks
☆25Updated last year
Alternatives and similar repositories for PowerExec
Users that are interested in PowerExec are comparing it to the libraries listed below
Sorting:
- RDLL for Cobalt Strike beacon to silence sysmon process☆88Updated 2 years ago
- Tool for playing with Windows Access Token manipulation.☆55Updated 2 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆90Updated 2 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆96Updated 3 years ago
- Implant drop-in for EDR testing☆139Updated last year
- RDPThief donut shellcode inject into mstsc☆87Updated 4 years ago
- Just another ntdll unhooking using Parun's Fart technique☆75Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆113Updated last year
- Investigation about ACL abusing for Active Directory Certificate Services (AD CS)☆122Updated 3 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Updated 2 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆97Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆84Updated 2 years ago
- ☆88Updated 2 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆146Updated 3 years ago
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆107Updated 2 years ago
- ☆70Updated 2 years ago
- C# havoc implant☆100Updated 2 years ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆93Updated last month
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆72Updated 8 months ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆92Updated 5 months ago
- ☆75Updated 2 years ago
- ☆39Updated 2 years ago
- ☆63Updated 5 months ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆134Updated 9 months ago
- D/Invoke implementation in Nim☆101Updated 3 years ago
- Patch AMSI and ETW in remote process via direct syscall☆81Updated 3 years ago
- Do some DLL SideLoading magic☆84Updated last year
- ☆122Updated 2 years ago
- Run Cobalt Strike BOFs in Brute Ratel C4!☆67Updated 2 months ago
- C# Port of LdapRelayScan☆85Updated 3 years ago