wietze / windows-command-line-obfuscation

Related projects: ⓘ

• airbus-cert / Invoke-Bof
  Load any Beacon Object File using Powershell!
  ☆245Updated 2 years ago
• subat0mik / whoamsi
  An effort to track security vendors' use of Microsoft's Antimalware Scan Interface
  ☆227Updated 2 years ago
• jsecurity101 / MSRPC-to-ATTACK
  A repository that maps commonly used attacks using MSRPC protocols to ATT&CK
  ☆305Updated last year
• jfmaes / Invoke-DLLClone
  Koppeling x Metatwin x LazySign
  ☆200Updated 3 years ago
• splunk / melting-cobalt
  A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object
  ☆162Updated last year
• strozfriedberg / cobaltstrike-config-extractor
  Cobalt Strike Beacon configuration extractor and parser.
  ☆142Updated 3 years ago
• xpn / sccmwtf
  ☆141Updated 10 months ago
• bats3c / EvtMute
  Apply a filter to the events being reported by windows event logging
  ☆259Updated 3 years ago
• Mr-Un1k0d3r / ADHuntTool
  official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)
  ☆230Updated 2 years ago
• 3xpl01tc0d3r / Callidus
  ☆161Updated last year
• xforcered / WFH
  ☆180Updated 2 years ago
• nettitude / MalSCCM
  ☆241Updated 11 months ago
• boku7 / winx64-InjectAllProcessesMeterpreter-Shellcode
  64bit Windows 10 shellcode that injects all processes with Meterpreter reverse shells.
  ☆127Updated last year
• Flangvik / AzureC2Relay
  AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Co…
  ☆208Updated 3 years ago
• xforcered / StandIn
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆253Updated 2 years ago
• RiccardoAncarani / LiquidSnake
  LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript
  ☆328Updated 3 years ago
• Allevon412 / TeamsImplant
  ☆200Updated 2 years ago
• rvrsh3ll / Rubeus-Rundll32
  Run Rubeus via Rundll32
  ☆193Updated 4 years ago
• BC-SECURITY / Offensive-VBA-and-XLS-Entanglement
  ☆124Updated 3 years ago
• jfmaes / SharpZipRunner
  Executes position independent shellcode from an encrypted zip
  ☆300Updated 3 years ago
• mandiant / OfficePurge
  ☆258Updated last year
• RedSiege / hot-manchego
  Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.
  ☆140Updated 4 years ago
• outflanknl / FindObjects-BOF
  A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…
  ☆265Updated last year
• CCob / SylantStrike
  Simple EDR implementation to demonstrate bypass
  ☆152Updated 4 years ago
• improsec / ImproHound
  Identify the attack paths in BloodHound breaking your AD tiering
  ☆294Updated last year
• SpecterOps / presentations
  SpecterOps Presentations
  ☆176Updated last month
• Semperis / GoldenGMSA
  GolenGMSA tool for working with GMSA passwords
  ☆133Updated 5 months ago
• SadProcessor / HandsOnBloodHound
  Material for the "Hands-On BloodHound" Workshop
  ☆104Updated 3 years ago
• xforcered / CredBandit
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆229Updated 3 years ago
• bohops / WSMan-WinRM
  A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object
  ☆219Updated 4 years ago