xpn/AppProxyC2

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/xpn/AppProxyC2)

xpn / AppProxyC2

☆70

Alternatives and similar repositories for AppProxyC2

Users that are interested in AppProxyC2 are comparing it to the libraries listed below

Sorting:

MartinIngesen / TokenStomp
View on GitHub
C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic
☆144Feb 23, 2022Updated 4 years ago
Yaxser / CobaltStrike-BOF
View on GitHub
Collection of beacon BOF written to learn windows and cobaltstrike
☆362Feb 24, 2023Updated 3 years ago
Octoberfest7 / EventViewerUAC_BOF
View on GitHub
Beacon Object File implementation of Event Viewer deserialization UAC bypass
☆133May 6, 2022Updated 3 years ago
mdsecactivebreach / SharpAltiris
View on GitHub
☆25Jul 7, 2022Updated 3 years ago
G0ldenGunSec / SharpTransactedLoad
View on GitHub
Load .net assemblies from memory while having them appear to be loaded from an on-disk location.
☆173May 5, 2021Updated 4 years ago
frkngksl / ParallelNimcalls
View on GitHub
Nim version of MDSec's Parallel Syscall PoC
☆123Jan 14, 2022Updated 4 years ago
anthemtotheego / CredBandit
View on GitHub
Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
☆219Jul 14, 2021Updated 4 years ago
rsmudge / unhook-bof
View on GitHub
Remove API hooks from a Beacon process.
☆282Sep 18, 2021Updated 4 years ago
checkymander / Carbuncle
View on GitHub
Tool for interacting with outlook interop during red team engagements
☆146Jun 29, 2021Updated 4 years ago
rvrsh3ll / SharpSMBSpray
View on GitHub
Spray a hash via smb to check for local administrator access
☆142Feb 7, 2021Updated 5 years ago
m8sec / EAPrimer
View on GitHub
C# project to Reflectively load .Net assemblies in memory
☆19Jun 19, 2024Updated last year
outflanknl / WdToggle
View on GitHub
A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
☆220May 3, 2023Updated 2 years ago
matterpreter / SHAPESHIFTER
View on GitHub
Companion PoC for the "Adventures in Dynamic Evasion" blog post
☆129May 25, 2021Updated 4 years ago
CCob / MirrorDump
View on GitHub
Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…
☆269Mar 18, 2021Updated 4 years ago
apokryptein / secinject
View on GitHub
Section Mapping Process Injection (secinject): Cobalt Strike BOF
☆102Jan 7, 2022Updated 4 years ago
anthemtotheego / Detect-Hooks
View on GitHub
Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR
☆158Jul 22, 2021Updated 4 years ago
Crypt0s / Ampulex
View on GitHub
A fork of https://github.com/SafeBreach-Labs/pinjectra with a practical implementation of Stack Bombing
☆29Oct 22, 2020Updated 5 years ago
Flangvik / AzureC2Relay
View on GitHub
AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Co…
☆235Feb 15, 2021Updated 5 years ago
FalconForceTeam / SysWhispers2BOF
View on GitHub
Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs
☆125May 24, 2022Updated 3 years ago
rxwx / cs-rdll-ipc-example
View on GitHub
Example code for using named pipe output with beacon ReflectiveDLLs
☆121Jun 24, 2020Updated 5 years ago
gitjdm / dumper2020
View on GitHub
Yet another LSASS dumper
☆74Dec 29, 2020Updated 5 years ago
m57 / cobaltstrike_bofs
View on GitHub
My CobaltStrike BOFS
☆167Jul 23, 2022Updated 3 years ago
N4kedTurtle / SharpTeamsDump
View on GitHub
Dump Teams conversations
☆18Jun 9, 2021Updated 4 years ago
CodeXTF2 / cobaltstrike-headless
View on GitHub
Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.
☆147Sep 8, 2022Updated 3 years ago
securifybv / Visual-Studio-BOF-template
View on GitHub
A Visual Studio template used to create Cobalt Strike BOFs
☆323Nov 17, 2021Updated 4 years ago
aahmad097 / ZoomPersistence
View on GitHub
Zoom Persistence Aggressor and Handler
☆55Mar 24, 2021Updated 4 years ago
waldo-irc / YouMayPasser
View on GitHub
You shall pass
☆270Jul 16, 2022Updated 3 years ago
bashexplode / cs2webconfig
View on GitHub
Convert Cobalt Strike profiles to IIS web.config files
☆114Aug 23, 2021Updated 4 years ago
Sh0ckFR / InlineWhispers2
View on GitHub
Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
☆187Jul 21, 2022Updated 3 years ago
dtmsecurity / bof_helper
View on GitHub
Beacon Object File (BOF) Creation Helper
☆236May 3, 2022Updated 3 years ago
Henkru / cs-token-vault
View on GitHub
In-memory token vault BOF for Cobalt Strike
☆149Aug 18, 2022Updated 3 years ago
pwn1sher / CS-BOFs
View on GitHub
Collection of CobaltStrike beacon object files
☆105Feb 14, 2022Updated 4 years ago
Cerbersec / DomainBorrowingC2
View on GitHub
☆170May 20, 2021Updated 4 years ago
rvrsh3ll / BOF_Collection
View on GitHub
Various Cobalt Strike BOFs
☆743Oct 16, 2022Updated 3 years ago
tomcarver16 / BOF-DLL-Inject
View on GitHub
Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.
☆152Sep 3, 2020Updated 5 years ago
jfmaes / DeepSleep
View on GitHub
all credits go to @mgeeky
☆65Oct 14, 2021Updated 4 years ago
xforcered / CredBandit
View on GitHub
Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
☆244Jul 14, 2021Updated 4 years ago
warhorse / ansible-role-cobaltstrike-docker
View on GitHub
Ansible Cobalt Strike (Docker)
☆15Jan 8, 2022Updated 4 years ago
byt3bl33d3r / pyMalleableC2
View on GitHub
Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.
☆284Oct 29, 2024Updated last year