waelmas / frameless-bitb
A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and the use with Evilginx.
☆349Updated 5 months ago
Related projects ⓘ
Alternatives and complementary repositories for frameless-bitb
- Evilginx Phishing Engagement Infrastructure Setup Guide☆301Updated last month
- Weaponized Browser-in-the-Middle (BitM) for Penetration Testers☆402Updated 3 months ago
- ☆275Updated last year
- Reverse engineered to remove IOCs, added Exchange Online Protection IP blacklist and bing-bot user-agent blocking, DNS configuration and …☆85Updated 4 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆516Updated 4 months ago
- Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Direc…☆341Updated last month
- Automated Active Directory Enumeration☆414Updated last week
- Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound☆426Updated last week
- JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the target…☆338Updated 2 months ago
- Tool to remotely dump secrets from the Windows registry☆401Updated 3 months ago
- A SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them bi…☆328Updated 4 months ago
- ☆280Updated 11 months ago
- Lab used for workshop and CTF☆156Updated last month
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…☆639Updated 6 months ago
- KnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).☆209Updated 3 months ago
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.☆332Updated 3 weeks ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆257Updated last year
- NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.☆116Updated 2 weeks ago
- A Slack bot phishing framework for Red Teaming exercises☆159Updated 6 months ago
- DPAPI looting remotely and locally in Python☆423Updated last week
- Bounces when a fish bites - Evilginx database monitoring with exfiltration automation☆158Updated 5 months ago
- Amsi Bypass payload that works on Windwos 11☆370Updated last year
- ☆135Updated last month
- A curated list of awesome LOLBins, GTFO projects, and similar 'Living Off the Land' security resources.☆116Updated 3 weeks ago
- Pentest Report Generator☆377Updated 2 months ago
- A RedTeam Toolkit☆385Updated 3 weeks ago
- Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC☆154Updated 9 months ago
- ☆191Updated last month
- Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI☆542Updated 3 months ago