xct / rcat
☆67 Updated 3 years ago
Alternatives and similar repositories for rcat:
Users that are interested in rcat are comparing it to the libraries listed below
- ☆58 Updated last year
- SeManageVolumePrivilege to SYSTEM ☆94 Updated last year
- SeRestorePrivilege to SYSTEM ☆95 Updated 3 years ago
- Python-based BloodHound data converter from the legacy pre-4.1 format to the 4.1+ format ☆56 Updated 2 years ago
- ☆31 Updated 3 years ago
- ☆83 Updated 2 months ago
- ☆65 Updated 2 weeks ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning ☆111 Updated this week
- ☆29 Updated 7 months ago
- ☆48 Updated 2 years ago
- A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY ☆80 Updated 3 years ago
- Bypass AMSI By Dividing files into multiple smaller files ☆45 Updated 2 years ago
- ☆14 Updated 3 months ago
- Local & remote Windows DLL Proxying ☆162 Updated 9 months ago
- Impacket is a collection of Python classes for working with network protocols. ☆69 Updated 7 months ago
- Get SYSTEM via SeDebugPrivilege ☆20 Updated 2 years ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker. ☆118 Updated 6 months ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options ☆133 Updated last week
- A Python based ingestor for BloodHound ☆83 Updated 2 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section ☆100 Updated last year
- GitHub as C2 Demonstration, free API = free C2 Infrastructure ☆135 Updated last year
- C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps ☆137 Updated 8 months ago
- Tool for Active Directory Certificate Services enumeration and abuse ☆124 Updated 2 months ago
- C# havoc implant ☆100 Updated 2 years ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion) ☆171 Updated last month
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service" ☆118 Updated 9 months ago
- AV EVASION TECHNIQUES