Red Teaming Tradecraft
☆30Sep 28, 2022Updated 3 years ago
Alternatives and similar repositories for tradecraft
Users that are interested in tradecraft are comparing it to the libraries listed below
Sorting:
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆63Jan 5, 2026Updated 2 months ago
- Dumping LSASS Evaded Endpoint Security Solutions☆18Feb 15, 2025Updated last year
- An example of how a driver can register a handle creation callback.☆16Jun 12, 2023Updated 2 years ago
- A cmake template for crystal palace☆39Dec 20, 2025Updated 2 months ago
- ☆12Jun 4, 2025Updated 9 months ago
- .Net Assembly loader for the GMSAPasswordReader☆19Feb 15, 2023Updated 3 years ago
- shadow tls☆17Nov 13, 2022Updated 3 years ago
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 7 months ago
- Simple netexec wraper with html repport☆19May 19, 2024Updated last year
- GenZ Shellcode Generator to execute commands with winExec API☆22Apr 27, 2025Updated 10 months ago
- ☆19Jul 26, 2019Updated 6 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Apr 4, 2023Updated 2 years ago
- 高版本Fastjson在Java原生反序列化中的利用演示☆26Jan 12, 2025Updated last year
- ☆25Oct 1, 2025Updated 5 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆44Feb 24, 2026Updated last week
- Docker container for running CobaltStrike 4.7 and above☆24Mar 20, 2025Updated 11 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.☆25Jul 26, 2024Updated last year
- Post-Ex BOF tooling for Hannibal☆24Nov 20, 2024Updated last year
- A comprehensive list of aerospace affiliated CVEs 🚀👾⚠️☆27Dec 22, 2024Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆37Aug 5, 2025Updated 7 months ago
- ☆163Nov 19, 2025Updated 3 months ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user; Adding the sam_the_admin_maq when MachineAccoun…☆22May 31, 2024Updated last year
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆62Feb 25, 2025Updated last year
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆138Apr 6, 2025Updated 11 months ago
- ASPX Web Shell with COFF Loader☆79Updated this week
- Mentally ill EtwTi parser☆68Jan 11, 2026Updated last month
- shell code example☆68Dec 12, 2025Updated 2 months ago
- Proof-of-concept implementation of AI-enabled postex DLLs☆54Sep 10, 2025Updated 5 months ago
- Collection of powershell scripts I used to complete my CARTP and CARTE courses.☆49Feb 27, 2026Updated last week
- Get sql server connection configuration information☆28Aug 26, 2024Updated last year
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆140Aug 31, 2025Updated 6 months ago
- RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create adv…☆228Mar 28, 2025Updated 11 months ago
- WinRAR 0day CVE-2025-8088 PoC RAR Archive☆45Aug 12, 2025Updated 6 months ago
- 横向移动三剑客 ( Lateral movement tools)☆30Nov 16, 2021Updated 4 years ago
- Code execution/injection technique using DLL PEB module structure manipulation☆221Jun 4, 2025Updated 9 months ago
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 11 months ago
- ☆10Aug 4, 2020Updated 5 years ago