This is a quick POC for using the Matt Nelson (enigma0x3) technique for generating a malicious .SettingContent-ms extension type for remote code execution. This automates generating an HTA downloader and embeds it in the SettingContent-ms file for you and starts Apache.
☆54Jun 15, 2018Updated 7 years ago
Alternatives and similar repositories for auto_SettingContent-ms
Users that are interested in auto_SettingContent-ms are comparing it to the libraries listed below
Sorting:
- This is a hash parser that will export a rc file compatible with Metasploit. This is useful when compromising a separate domain and want …☆23Oct 8, 2014Updated 11 years ago
- WPUpdate is a simple Linux service that automatically checks for a new version of Wordpress each night at 2AM.☆36Feb 7, 2014Updated 12 years ago
- SimpleEmail is a email recon tool that is fast and easy framework to build on☆49Nov 11, 2015Updated 10 years ago
- SprayWMI is an easy way to get mass shells on systems that support WMI. Much more effective than PSEXEC as it does not leave remnants on …☆250Nov 24, 2015Updated 10 years ago
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆35Nov 10, 2016Updated 9 years ago
- Metasploit Framework☆29Dec 11, 2013Updated 12 years ago
- AV/EDR evasion via direct system calls.☆33Dec 7, 2020Updated 5 years ago
- ☆81Nov 2, 2019Updated 6 years ago
- This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several dif…☆445Nov 30, 2023Updated 2 years ago
- A swiss army knife for pentesting Windows/Active Directory environments☆50Apr 3, 2016Updated 9 years ago
- PoC code from blog☆16Mar 10, 2020Updated 6 years ago
- The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i…☆29May 5, 2018Updated 7 years ago
- ☆16Aug 2, 2018Updated 7 years ago
- Async'ly gather unique usernames thru null SMB sessions and bruteforce them with 2 passwords☆51Oct 24, 2017Updated 8 years ago
- A repo of fake committed secrets to test tools that find committed secrets ([dont submit for BB :-) ]☆10Mar 22, 2018Updated 7 years ago
- Load C# Code straight to memory☆56May 14, 2020Updated 5 years ago
- This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several dif…☆34Jun 10, 2018Updated 7 years ago
- Scan MSSQL databases for payment card data without relying on key words☆19Apr 10, 2017Updated 8 years ago
- Pivoter is a proxy tool for pentesters to have easier lateral movement.☆144Aug 9, 2015Updated 10 years ago
- Manage Engine Decrypter☆24Oct 17, 2022Updated 3 years ago
- ☆129Apr 2, 2018Updated 7 years ago
- HackSys Extreme Vulnerable Driver - Various Windows 7 x86 Kernel Exploits☆22Jan 13, 2018Updated 8 years ago
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.☆321Jun 5, 2017Updated 8 years ago
- Proxy Helper is a WiFi Pineapple module that will automatically configure the Pineapple for use with a proxy such as Burp Suite.☆38Oct 15, 2022Updated 3 years ago
- Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017)☆106Feb 10, 2021Updated 5 years ago
- PowerAvails is a unit of collection of Powershell modules that help you get done many things☆118May 31, 2019Updated 6 years ago
- Automatically parses and attacks BloodHound-generated graphs☆43Jul 16, 2018Updated 7 years ago
- Kerberos accounts enumeration taking advantage of AS-REQ☆43Apr 25, 2018Updated 7 years ago
- hardCIDR is a Linux Bash script, but also functions under macOS. Your mileage may vary on other distros. The script with no specified opt…☆382Feb 4, 2022Updated 4 years ago
- PowerShell Empire Web Interface☆330May 20, 2023Updated 2 years ago
- A WebDAV PROPFIND covert channel to deliver payloads☆52Nov 14, 2017Updated 8 years ago
- some java code i met or i used☆29May 7, 2019Updated 6 years ago
- ☆16Jun 13, 2022Updated 3 years ago
- ObfuscatedEmpire is a fork of Empire with Invoke-Obfuscation integrated directly into it's functionality.☆231Nov 17, 2017Updated 8 years ago
- ☆526Sep 15, 2022Updated 3 years ago
- A Tool for cross-platform System Enumeration☆12Mar 20, 2017Updated 9 years ago
- Code Exec via Excel☆89Jul 31, 2017Updated 8 years ago
- InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features…☆31Dec 19, 2017Updated 8 years ago
- 资源分享☆19Nov 3, 2018Updated 7 years ago