wotwot563 / aad_prt_bof
☆64Updated 5 months ago
Related projects: ⓘ
- Lockless BOF☆62Updated 7 months ago
- Disconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines☆55Updated 2 weeks ago
- Collection of Beacon Object Files (BOFs) for shells and lols☆111Updated 3 years ago
- Click Once + App Domain☆61Updated 9 months ago
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆57Updated 8 months ago
- ☆116Updated last year
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆136Updated 6 months ago
- ☆135Updated 2 years ago
- ☆61Updated 2 years ago
- A simple BOF that frees UDRLs☆106Updated 2 years ago
- Simple BOF to read the protection level of a process☆101Updated last year
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆84Updated last year
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆93Updated last year
- Beacon Object File allowing creation of Beacons in different sessions.☆73Updated 2 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆117Updated 6 months ago
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)☆21Updated last year
- Lateral Movement via the .NET Profiler☆74Updated 3 months ago
- Scripts for public use that we've randomly written, or have updated from other people's work.☆38Updated 2 months ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆81Updated 2 years ago
- Tool for issuing manual LDAP queries which offers bofhound compatible output☆46Updated 3 months ago
- Beacon Object File & C# project to check LDAP signing☆161Updated last month
- Implant drop-in for EDR testing☆126Updated 10 months ago
- Cobalt Strike UDRL for memory scanner evasion.☆34Updated 9 months ago
- C# version of NTLMRawUnHide☆71Updated last year
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆87Updated 2 years ago
- ☆132Updated last year
- ☆105Updated last year
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆114Updated last year
- ☆91Updated 2 years ago