tyranid / blackhat-usa-2022-demos
Demos for the Blackhat USA 2022 talk "Taking Kerberos to the Next Level"
☆258Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for blackhat-usa-2022-demos
- One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html☆394Updated last week
- WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement☆361Updated 2 years ago
- A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.☆441Updated 7 months ago
- Quick python utility I wrote to turn HTTP requests from burp suite into Cobalt Strike Malleable C2 profiles☆368Updated last year
- ☆402Updated 2 years ago
- UDRL for CS��☆416Updated 11 months ago
- Persistence by writing/reading shellcode from Event Log☆367Updated 2 years ago
- An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memor…☆346Updated last year
- COM Hijacking VOODOO☆257Updated 8 months ago
- ☆340Updated last year
- ☆442Updated 2 years ago
- Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)☆270Updated 2 years ago
- Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)☆181Updated 3 years ago
- laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.☆460Updated last year
- POC for CVE-2022-39952☆266Updated last year
- PIC lsass dumper using cloned handles☆573Updated 2 years ago
- Framework for Kerberos relaying☆867Updated 2 years ago
- Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!☆433Updated last year
- Creating a repository with all public Beacon Object Files (BoFs)☆421Updated last year
- A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) wit…☆493Updated 8 months ago
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads☆375Updated 2 years ago
- C# Lsass parser☆280Updated 3 years ago
- ☆400Updated 11 months ago
- From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller☆399Updated 2 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆377Updated last year
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆258Updated 2 years ago
- ☆499Updated 3 years ago
- This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…☆245Updated last year