☆121Nov 21, 2024Updated last year
Alternatives and similar repositories for CloudInject
Users that are interested in CloudInject are comparing it to the libraries listed below
Sorting:
- ☆189Nov 21, 2024Updated last year
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆118May 2, 2024Updated last year
- ☆218Mar 26, 2024Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆346Nov 19, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- ☆100Sep 1, 2024Updated last year
- Rust template/library for implementing your own COFF loader☆72Jan 27, 2025Updated last year
- Remotely Enumerate sessions using undocumented Windows Station APIs☆117Aug 21, 2024Updated last year
- Position-independent Reflective Loader for macOS☆120Feb 19, 2026Updated last month
- Tools for interacting with authentication packages using their individual message protocols☆419Mar 1, 2026Updated 2 weeks ago
- An App Domain Manager Injection DLL PoC on steroids☆212Dec 14, 2023Updated 2 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆162Mar 1, 2024Updated 2 years ago
- Tools for analyzing EDR agents☆278Jun 10, 2024Updated last year
- A Python POC for CRED1 over SOCKS5☆165Oct 5, 2024Updated last year
- ☆160Jan 27, 2025Updated last year
- Indirect syscalls + DInvoke made simple.☆95Dec 24, 2024Updated last year
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit☆166Dec 7, 2024Updated last year
- ☆14Mar 19, 2024Updated 2 years ago
- ☆101Oct 7, 2023Updated 2 years ago
- A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM☆20Jul 19, 2025Updated 8 months ago
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆75Feb 9, 2024Updated 2 years ago
- ☆244May 5, 2024Updated last year
- TokenCert☆102Nov 15, 2024Updated last year
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- Python utility that generates "imageless" QR codes in various formats☆138Aug 10, 2024Updated last year
- Use hardware breakpoints to spoof the call stack for both syscalls and API calls☆203Jun 6, 2024Updated last year
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- Abusing Azure services over C2☆367Jan 20, 2026Updated 2 months ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- ☆164Dec 30, 2022Updated 3 years ago
- A BOF that runs unmanaged PEs inline☆683Oct 23, 2024Updated last year
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆680Aug 15, 2025Updated 7 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆864Feb 3, 2024Updated 2 years ago
- Lateral Movement Using DCOM and DLL Hijacking☆324Jun 18, 2023Updated 2 years ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆898Mar 11, 2026Updated last week
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution☆199May 29, 2025Updated 9 months ago