tothi / malicious-service
Minimal Windows Service Template for demonstrating privilege escalation via weak service executable permissions
☆13Updated last year
Related projects: ⓘ
- Create PDFs with HTML smuggling attachments that save on opening the document.☆26Updated last year
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago
- ☆45Updated last year
- Items related to the RedELK workshop given at security conferences☆25Updated 11 months ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆22Updated 2 years ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆32Updated 3 months ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆29Updated 2 years ago
- A care package of useful bofs for red team engagments☆47Updated last year
- C# project to Reflectively load .Net assemblies in memory☆15Updated 3 months ago
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.☆37Updated 3 years ago
- Scripts to interact with Microsoft Graph APIs☆29Updated 2 months ago
- Modified version of PEAS client for offensive operations☆38Updated last year
- ☆57Updated 9 months ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Updated 2 years ago
- load dumped csharp binaries as assemblies and launch them in memory☆23Updated 7 months ago
- A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup☆35Updated last year
- This repository focuses on replicating the behavioral patterns observed in well-documented APT campaigns.☆10Updated last year
- .NET port of Leron Gray's azbelt tool.☆26Updated 11 months ago
- Extension functionality for the NightHawk operator client☆26Updated 10 months ago
- ☆15Updated 5 months ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated last year
- Generate droppers with encrypted payloads automatically.☆53Updated 2 years ago
- Just another Process Injection using Process Hollowing technique.☆16Updated last year
- ☆10Updated this week
- PowerSploit - A PowerShell Post-Exploitation Framework☆41Updated last year
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆30Updated last year
- A repository with my code snippets for research/education purposes.☆51Updated last year
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.☆11Updated 2 years ago
- Bunch of BOF files☆21Updated 7 months ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago