An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/master/UrbanBishop)
☆24Jun 17, 2020Updated 5 years ago
Alternatives and similar repositories for Athena
Users that are interested in Athena are comparing it to the libraries listed below
Sorting:
- Strstr with user-supplied needle and filename as a BOF.☆32Sep 27, 2021Updated 4 years ago
- Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.☆152Sep 3, 2020Updated 5 years ago
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆143Sep 24, 2021Updated 4 years ago
- just manipulatin these here tokens yes sir nothing weird☆22Apr 18, 2022Updated 3 years ago
- Inject Encrypted Commands Into EMF Shapes for C2 In VBA / Office Malware☆39Jul 10, 2020Updated 5 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- ☆73Oct 24, 2021Updated 4 years ago
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly☆59Apr 1, 2022Updated 3 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆121Jun 24, 2020Updated 5 years ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆13Mar 17, 2022Updated 3 years ago
- Cobalt Strike Get clipboard plugin☆15Aug 11, 2023Updated 2 years ago
- A collection of scripts used to support an OffSecOps pipeline.☆15Jan 31, 2021Updated 5 years ago
- Walking the PEB in VBA☆24Apr 6, 2020Updated 5 years ago
- ☆61Aug 30, 2021Updated 4 years ago
- C# application that allows you to quick run SSH commands against a host or list of hosts☆42Sep 21, 2020Updated 5 years ago
- A Cobalt Strike Aggressor script to generate GadgetToJScript payloads☆101Sep 30, 2020Updated 5 years ago
- Remove API hooks from a Beacon process.☆14Sep 18, 2021Updated 4 years ago
- ☆46Dec 5, 2023Updated 2 years ago
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆29Jun 17, 2022Updated 3 years ago
- D/Invoke port of UrbanBishop☆108Jul 19, 2020Updated 5 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 2 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- My CobaltStrike BOFS☆167Jul 23, 2022Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆94Mar 8, 2023Updated 2 years ago
- Load .net assemblies from memory while having them appear to be loaded from an on-disk location.☆173May 5, 2021Updated 4 years ago
- ☆22Jun 21, 2022Updated 3 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆36Nov 12, 2021Updated 4 years ago
- ☆53Oct 20, 2020Updated 5 years ago
- ☆71Nov 20, 2020Updated 5 years ago
- ☆109Feb 17, 2025Updated last year
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- ☆99Sep 20, 2021Updated 4 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆34Sep 15, 2022Updated 3 years ago
- Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+☆36Dec 1, 2025Updated 3 months ago
- Syscall BOF to arbitrarily add/detract process token privilege rights.☆61Jul 10, 2024Updated last year
- Agressor script that lists available Cobalt Strike beacon commands and colors them based on their type☆211Mar 18, 2024Updated last year
- .NET 4.0 Remote Desktop Manager Password Gatherer☆81Sep 29, 2020Updated 5 years ago
- Koppeling x Metatwin x LazySign☆216Aug 26, 2021Updated 4 years ago
- Collection of beacon BOF written to learn windows and cobaltstrike☆362Feb 24, 2023Updated 3 years ago