Sustainable shellcode evasion
☆112Dec 11, 2024Updated last year
Alternatives and similar repositories for crimson-forge
Users that are interested in crimson-forge are comparing it to the libraries listed below
Sorting:
- Generate droppers with encrypted payloads automatically.☆54Nov 16, 2021Updated 4 years ago
- Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been se…☆170Aug 10, 2020Updated 5 years ago
- A port of FuzzySecurity's UrbanBishop project for inline shellcode execution☆118Sep 29, 2020Updated 5 years ago
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.☆148Sep 7, 2020Updated 5 years ago
- Managed assembly shellcode generation☆280Mar 19, 2021Updated 4 years ago
- ☆121Jun 17, 2022Updated 3 years ago
- A C# tool to search through a running instance of Outlook for keywords☆111Jan 14, 2021Updated 5 years ago
- Universal Unhooking☆326Sep 19, 2018Updated 7 years ago
- Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process☆230Jul 30, 2020Updated 5 years ago
- lateral movement techniques that can be used during red team exercises☆273Jan 13, 2020Updated 6 years ago
- Reconnaissance tool for Microsoft Office 365☆69Nov 21, 2018Updated 7 years ago
- DropEngine provides a malleable framework for creating shellcode runners, allowing operators to choose from a selection of components and…☆214Nov 26, 2020Updated 5 years ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆90Nov 5, 2021Updated 4 years ago
- LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript☆345Sep 1, 2021Updated 4 years ago
- Reflective DLL loading of your favorite Golang program☆173Jan 27, 2020Updated 6 years ago
- ☆24Jun 29, 2020Updated 5 years ago
- Trigen is a Python script which uses different combinations of Win32 function calls in generated VBA to execute shellcode.☆203Jul 2, 2017Updated 8 years ago
- Library of traffic redirectors☆26Apr 7, 2020Updated 5 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆235Oct 18, 2022Updated 3 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Nov 14, 2020Updated 5 years ago
- Visual Studio (C++) Solution Template for Payloads☆18Oct 30, 2019Updated 6 years ago
- Windows 10 Privilege Escalation (magnifier.exe) via Dll Search Order Hijacking☆142May 23, 2020Updated 5 years ago
- ☆142May 4, 2022Updated 3 years ago
- Simple Aggressor Scripts for Cobalt Strike☆13Sep 24, 2020Updated 5 years ago
- Spin up RedTeam infrastructure on AWS via Ansible☆64Aug 25, 2020Updated 5 years ago
- ☆92Aug 23, 2021Updated 4 years ago
- AAD related enumeration in Nim☆131Sep 7, 2023Updated 2 years ago
- C# program to take a full size screenshot or a recording of the user's desktop. Takes in 0-3 flags☆84Oct 2, 2020Updated 5 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆251Sep 26, 2020Updated 5 years ago
- Tool for interacting with outlook interop during red team engagements☆146Jun 29, 2021Updated 4 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 2 years ago
- Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.☆284Oct 29, 2024Updated last year
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- Extended Process List (Search functionality)☆29Jan 23, 2021Updated 5 years ago
- Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.☆185Feb 11, 2021Updated 5 years ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Sep 8, 2021Updated 4 years ago
- Spray a hash via smb to check for local administrator access☆142Feb 7, 2021Updated 5 years ago
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- ☆153Jan 6, 2023Updated 3 years ago