Alternatives and similar repositories for CACTUSTORCH_DDEAUTO

Users that are interested in CACTUSTORCH_DDEAUTO are comparing it to the libraries listed below

• 0xdeadbeefJERKY / Office-DDE-Payloads

  View on GitHub
  Collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique.
  ☆638Jul 16, 2023Updated 2 years ago
• p292 / DDEAutoCS

  View on GitHub
  A cobaltstrike script that integrates DDEAuto Attacks
  ☆63Oct 17, 2017Updated 8 years ago
• Arno0x / WebDavDelivery

  View on GitHub
  A WebDAV PROPFIND covert channel to deliver payloads
  ☆52Nov 14, 2017Updated 8 years ago
• cldrn / macphish

  View on GitHub
  Office for Mac Macro Payload Generator
  ☆244Sep 25, 2025Updated 4 months ago
• Mr-Un1k0d3r / SCT-obfuscator

  View on GitHub
  Cobalt Strike SCT payload obfuscator
  ☆143Jul 7, 2017Updated 8 years ago
• Cn33liz / JSMeter

  View on GitHub
  JavaScript Reversed TCP Meterpreter Stager
  ☆138May 25, 2017Updated 8 years ago
• xorrior / RemoteRecon

  View on GitHub
  Remote Recon and Collection
  ☆459Nov 23, 2017Updated 8 years ago
• xillwillx / tricky.lnk

  View on GitHub
  Creates a .lnk file with unicode chars that reverse the file extension and adds a .txt to the end to make it appear as a textfile. Paylo…
  ☆115Dec 19, 2020Updated 5 years ago
• clr2of8 / Commentator

  View on GitHub
  ☆50Sep 25, 2017Updated 8 years ago
• Arno0x / ObfuscateCactusTorch

  View on GitHub
  When CactusTorch meets WebDavDelivery and obfuscation
  ☆63Sep 19, 2017Updated 8 years ago
• Cn33liz / CScriptShell

  View on GitHub
  CScriptShell, a Powershell Host running within cscript.exe
  ☆162Apr 11, 2017Updated 8 years ago
• nccgroup / demiguise

  View on GitHub
  HTA encryption tool for RedTeams
  ☆1,425Nov 9, 2022Updated 3 years ago
• danielbohannon / Out-FINcodedCommand

  View on GitHub
  POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…
  ☆105Jul 2, 2017Updated 8 years ago
• FSecureLABS / wePWNise

  View on GitHub
  WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application cont…
  ☆353Aug 27, 2018Updated 7 years ago
• DanMcInerney / SMB-reverse-brute

  View on GitHub
  Async'ly gather unique usernames thru null SMB sessions and bruteforce them with 2 passwords
  ☆51Oct 24, 2017Updated 8 years ago
• z0noxz / powerstager

  View on GitHub
  A payload stager using PowerShell
  ☆183Dec 15, 2019Updated 6 years ago
• vletoux / NTLMInjector

  View on GitHub
  In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)
  ☆169Jun 8, 2017Updated 8 years ago
• V1V1 / Sleight

  View on GitHub
  Empire HTTP(S) C2 redirector setup script
  ☆48Jul 10, 2018Updated 7 years ago
• vysecurity / morphHTA

  View on GitHub
  morphHTA - Morphing Cobalt Strike's evil.HTA
  ☆526Apr 14, 2023Updated 2 years ago
• n0pe-sled / Apache2-Mod-Rewrite-Setup

  View on GitHub
  Quickly Implement Mod-Rewrite in your infastructure
  ☆86Apr 21, 2017Updated 8 years ago
• Mr-Un1k0d3r / MaliciousMacroGenerator

  View on GitHub
  Malicious Macro Generator
  ☆831Apr 17, 2019Updated 6 years ago
• tevora-threat / eternal_blue_powershell

  View on GitHub
  Port of eternal blue exploits to powershell
  ☆151Jun 3, 2017Updated 8 years ago
• curi0usJack / luckystrike

  View on GitHub
  A PowerShell based utility for the creation of malicious Office macro documents.
  ☆1,111Nov 3, 2017Updated 8 years ago
• Arno0x / WebDavC2

  View on GitHub
  A WebDAV PROPFIND C2 tool
  ☆119Aug 27, 2019Updated 6 years ago
• hlldz / SpookFlare

  View on GitHub
  Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
  ☆950May 8, 2019Updated 6 years ago
• Arno0x / PowerShellScripts

  View on GitHub
  Collection of PowerShell scripts
  ☆450Dec 18, 2017Updated 8 years ago
• 0xbadjuju / Sharpire

  View on GitHub
  A C# implementation of the PowerShell Empire Agent
  ☆74Apr 22, 2019Updated 6 years ago
• Cn33liz / StarFighters

  View on GitHub
  A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.
  ☆322Jun 5, 2017Updated 8 years ago
• darkquasar / WMI_Persistence

  View on GitHub
  A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics
  ☆88Oct 6, 2017Updated 8 years ago
• quickbreach / SMBetray

  View on GitHub
  SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over…
  ☆383Aug 17, 2018Updated 7 years ago
• checkymander / iMessagesBackdoor

  View on GitHub
  A script to help set up an event handler in order to install a persistent backdoor that can be activated by sending a message.
  ☆178Jul 21, 2020Updated 5 years ago
• SpiderLabs / SharpCompile

  View on GitHub
  SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approa…
  ☆290Aug 7, 2020Updated 5 years ago
• Mr-Un1k0d3r / ThunderShell

  View on GitHub
  Python / C# Unmanaged PowerShell based RAT
  ☆771Mar 29, 2023Updated 2 years ago
• Cybereason / Invoke-WMILM

  View on GitHub
  ☆230May 10, 2018Updated 7 years ago
• bkup / SlackShell

  View on GitHub
  PowerShell to Slack C2
  ☆109May 31, 2018Updated 7 years ago
• icebearfriend / deckbuilder

  View on GitHub
  Cobalt Strike cna script for randomized argument spoofing
  ☆51Apr 4, 2019Updated 6 years ago
• FuzzySecurity / CapstoneKeystone-PowerShell

  View on GitHub
  PowerShell Module Bindings for Capstone/Keystone
  ☆25Nov 15, 2016Updated 9 years ago
• n4xh4ck5 / V1D0m

  View on GitHub
  Enumerate subdomains through Virustotal
  ☆32Nov 2, 2019Updated 6 years ago
• giMini / mimiDbg

  View on GitHub
  PowerShell oneliner to retrieve wdigest passwords from the memory
  ☆220Dec 11, 2017Updated 8 years ago