ustayready / tradecraftView external linksLinks
Red Teaming Tradecraft
☆28Sep 28, 2022Updated 3 years ago
Alternatives and similar repositories for tradecraft
Users that are interested in tradecraft are comparing it to the libraries listed below
Sorting:
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆60Jan 5, 2026Updated last month
- Dumping LSASS Evaded Endpoint Security Solutions☆18Feb 15, 2025Updated last year
- An example of how a driver can register a handle creation callback.☆16Jun 12, 2023Updated 2 years ago
- ☆12Jun 4, 2025Updated 8 months ago
- A cmake template for crystal palace☆38Dec 20, 2025Updated last month
- shadow tls☆17Nov 13, 2022Updated 3 years ago
- .Net Assembly loader for the GMSAPasswordReader☆17Feb 15, 2023Updated 2 years ago
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 6 months ago
- Simple netexec wraper with html repport☆19May 19, 2024Updated last year
- modified mssqlclient from impacket to extract policies from the SCCM database☆42Nov 4, 2025Updated 3 months ago
- GenZ Shellcode Generator to execute commands with winExec API☆22Apr 27, 2025Updated 9 months ago
- ☆19Jul 26, 2019Updated 6 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Apr 4, 2023Updated 2 years ago
- Docker container for running CobaltStrike 4.7 and above☆24Mar 20, 2025Updated 10 months ago
- 高版本Fastjson在Java原生反序列化中的利用演示☆26Jan 12, 2025Updated last year
- ☆25Oct 1, 2025Updated 4 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- Post-Ex BOF tooling for Hannibal☆24Nov 20, 2024Updated last year
- This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.☆25Jul 26, 2024Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 6 months ago
- A comprehensive list of aerospace affiliated CVEs 🚀👾⚠️☆27Dec 22, 2024Updated last year
- ☆163Nov 19, 2025Updated 2 months ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user; Adding the sam_the_admin_maq when MachineAccoun…☆22May 31, 2024Updated last year
- Test bench lab for Shellcode Obfuscation☆34Sep 2, 2025Updated 5 months ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆62Feb 25, 2025Updated 11 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆135Apr 6, 2025Updated 10 months ago
- Collection of powershell scripts I used to complete my CARTP and CARTE courses.☆47Aug 20, 2025Updated 5 months ago
- Mentally ill EtwTi parser☆66Jan 11, 2026Updated last month
- shell code example☆67Dec 12, 2025Updated 2 months ago
- Proof-of-concept implementation of AI-enabled postex DLLs☆54Sep 10, 2025Updated 5 months ago
- Custom queries list for BloodHound☆31Jul 8, 2025Updated 7 months ago
- Get sql server connection configuration information☆28Aug 26, 2024Updated last year
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆136Aug 31, 2025Updated 5 months ago
- RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create adv…☆226Mar 28, 2025Updated 10 months ago
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel☆59Apr 13, 2025Updated 10 months ago
- Code execution/injection technique using DLL PEB module structure manipulation☆220Jun 4, 2025Updated 8 months ago
- 横向移动三剑客 ( Lateral movement tools)☆30Nov 16, 2021Updated 4 years ago
- WinRAR 0day CVE-2025-8088 PoC RAR Archive☆45Aug 12, 2025Updated 6 months ago