Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
☆3,900Jan 24, 2024Updated 2 years ago
Alternatives and similar repositories for unicorn
Users that are interested in unicorn are comparing it to the libraries listed below
Sorting:
- Empire is a PowerShell and Python post-exploitation agent.☆7,818Jan 19, 2020Updated 6 years ago
- An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR☆2,322Dec 6, 2023Updated 2 years ago
- A swiss army knife for pentesting networks☆9,082Dec 6, 2023Updated 2 years ago
- Payload Generation Framework☆1,964Aug 21, 2024Updated last year
- The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.☆5,494Sep 22, 2024Updated last year
- PowerSploit - A PowerShell Post-Exploitation Framework☆12,889Aug 17, 2020Updated 5 years ago
- PowerShell Runspace Post Exploitation Toolkit☆1,546Aug 2, 2019Updated 6 years ago
- .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers☆2,913Nov 19, 2025Updated 3 months ago
- Nishang - Offensive PowerShell for red team, penetration testing and offensive security.☆9,759Apr 25, 2024Updated last year
- HTA encryption tool for RedTeams☆1,424Nov 9, 2022Updated 3 years ago
- PowerShell Obfuscator☆4,205Aug 10, 2023Updated 2 years ago
- Covenant is a collaborative .NET C2 framework for red teamers.☆4,620Jul 18, 2024Updated last year
- Wiki to collect Red Team infrastructure hardening resources☆4,448Oct 1, 2025Updated 5 months ago
- Veil 3.1.X (Check version info in Veil at runtime)☆4,200Oct 9, 2023Updated 2 years ago
- MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…☆3,213Aug 7, 2025Updated 6 months ago
- The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool…☆1,128Feb 10, 2021Updated 5 years ago
- Six Degrees of Domain Admin☆10,540Aug 1, 2025Updated 7 months ago
- A tool to abuse Exchange services☆2,300Jun 10, 2024Updated last year
- TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.☆1,307Jan 31, 2022Updated 4 years ago
- My musings with PowerShell☆2,703Nov 19, 2021Updated 4 years ago
- A PowerShell based utility for the creation of malicious Office macro documents.☆1,109Nov 3, 2017Updated 8 years ago
- CACTUSTORCH: Payload Generation for Adversary Simulations☆1,012Jul 3, 2018Updated 7 years ago
- Run PowerShell command without invoking powershell.exe☆1,533Mar 23, 2023Updated 2 years ago
- Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C☆8,943Mar 22, 2024Updated last year
- AntiVirus Evasion Tool☆1,741Apr 23, 2025Updated 10 months ago
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆4,838Jun 15, 2020Updated 5 years ago
- Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Dir…☆1,623Jan 23, 2024Updated 2 years ago
- Run PowerShell with rundll32. Bypass software restrictions.☆1,822Mar 17, 2021Updated 4 years ago
- Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensi…☆4,479Jan 10, 2025Updated last year
- RedSnarf is a pen-testing / red-teaming tool for Windows environments☆1,213Sep 14, 2020Updated 5 years ago
- SharpSploit is a .NET post-exploitation library written in C#☆1,859Aug 12, 2021Updated 4 years ago
- PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server☆2,689Dec 12, 2024Updated last year
- Trying to tame the three-headed dog.☆4,893Nov 14, 2025Updated 3 months ago
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆6,353Jan 26, 2026Updated last month
- This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…☆4,173May 11, 2023Updated 2 years ago
- macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other f…☆2,301Aug 15, 2024Updated last year
- Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources☆1,528Jun 30, 2023Updated 2 years ago
- MeterSSH is a way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communicati…☆525Apr 13, 2017Updated 8 years ago
- A tool for automating cracking methodologies through Hashcat from the TrustedSec team.☆1,803Feb 23, 2026Updated last week