CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
☆292Jul 27, 2021Updated 4 years ago
Alternatives and similar repositories for CredPhish
Users that are interested in CredPhish are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- HTTP Server serving obfuscated Powershell Scripts/Payloads☆94Jul 3, 2021Updated 4 years ago
- Using outlook COM objects to create convincing phishing emails without the user noticing. This project is meant for internal phishing.☆155Dec 22, 2020Updated 5 years ago
- Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.☆1,577Nov 9, 2021Updated 4 years ago
- ☆418Apr 28, 2021Updated 4 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆869Mar 20, 2023Updated 3 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- ☆133Dec 19, 2020Updated 5 years ago
- Windows Privilege Escalation from User to Domain Admin.☆1,453Dec 18, 2022Updated 3 years ago
- DCSync Attack from Outside using Impacket☆115May 2, 2022Updated 3 years ago
- JALSI - Just Another Lame Shellcode Injector☆30Aug 1, 2021Updated 4 years ago
- Remotely enables Restricted Admin Mode☆215Sep 3, 2021Updated 4 years ago
- WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement☆369Dec 24, 2021Updated 4 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆297Aug 18, 2023Updated 2 years ago
- ☆133Jul 14, 2021Updated 4 years ago
- Hide your payload in DNS☆614May 3, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- rustyIron is a tool that takes advantage of functionality within Ivanti's MobileIron MDM solution to perform single-factor authentication…☆44Mar 22, 2021Updated 5 years ago
- Self-developed tools for Lateral Movement/Code Execution☆720Aug 17, 2021Updated 4 years ago
- ☆1,675Apr 14, 2025Updated 11 months ago
- Get file less command execution for lateral movement.☆637Jun 3, 2022Updated 3 years ago
- ☆538Nov 20, 2021Updated 4 years ago
- An Office365 User Attack Tool☆646Mar 19, 2024Updated 2 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…☆270Mar 18, 2021Updated 5 years ago
- BadAssMacros - C# based automated Malicous Macro Generator.☆439Jan 8, 2022Updated 4 years ago
- Small and convenient C2 tool for Windows targets☆614Mar 8, 2022Updated 4 years ago
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- A C2 post-exploitation framework☆486Jan 24, 2024Updated 2 years ago
- Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…☆880Mar 29, 2021Updated 5 years ago
- c++ fully undetected shellcode launcher ;)☆980Jun 11, 2021Updated 4 years ago
- Retrieve LAPS password from LDAP☆437Feb 17, 2021Updated 5 years ago
- .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py☆617Feb 16, 2023Updated 3 years ago
- A User Impersonation tool - via Token or Shellcode injection☆423May 21, 2022Updated 3 years ago
- "Golden" certificates☆709Aug 17, 2024Updated last year
- Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for…☆501May 16, 2023Updated 2 years ago
- A post exploitation framework designed to operate covertly on heavily monitored environments☆2,169Sep 29, 2021Updated 4 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- SharpHook is an offensive API hooking tool designed to catch various credentials within the API call.☆321Jul 1, 2021Updated 4 years ago
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆182Aug 4, 2021Updated 4 years ago
- C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.☆436Feb 16, 2026Updated last month
- Identify common attack paths to get Domain Administrator☆21Aug 20, 2019Updated 6 years ago
- Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories,…☆744Feb 24, 2026Updated last month
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,610Jul 10, 2023Updated 2 years ago
- Excel 4.0 (XLM) Macro Generator for injecting DLLs and EXEs into memory.☆515Sep 23, 2020Updated 5 years ago