Python and BOF utilites to the determine EPA enforcement levels of popular NTLM relay targets from the offensive perspective
☆167Jan 12, 2026Updated 2 months ago
Alternatives and similar repositories for RelayInformer
Users that are interested in RelayInformer are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A C# utility for interacting with SCOM☆96Dec 2, 2025Updated 3 months ago
- ☆139Nov 17, 2025Updated 4 months ago
- Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.☆112Jan 26, 2026Updated last month
- A BOF that's a BOF Loader and more☆200Jan 17, 2026Updated 2 months ago
- UDC2 implementation that provides an ICMP C2 channel☆118Nov 24, 2025Updated 3 months ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆101Jan 10, 2026Updated 2 months ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆86Oct 20, 2025Updated 5 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆151Apr 18, 2025Updated 11 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆46Feb 24, 2026Updated 3 weeks ago
- Beacon Object File for Cobalt Strike that executes .NET assemblies in beacon with evasion techniques.☆186Dec 23, 2025Updated 3 months ago
- ☆37Dec 4, 2025Updated 3 months ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆169Sep 22, 2025Updated 6 months ago
- dcsync bof☆46Feb 13, 2026Updated last month
- AppLocker-Based EDR Neutralization☆325Dec 19, 2025Updated 3 months ago
- ☆50Jun 4, 2025Updated 9 months ago
- Python script to leverage MSFT_MTProcess WMI class☆40Sep 17, 2025Updated 6 months ago
- An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor…☆103Jan 9, 2026Updated 2 months ago
- ☆52May 4, 2025Updated 10 months ago
- Red Team Assessment Platform - reporting, visualizations, and analytics for cybersecurity red teams☆34Jan 27, 2026Updated last month
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆17Sep 15, 2023Updated 2 years ago
- Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…☆129Feb 17, 2026Updated last month
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 11 months ago
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆129Jan 28, 2026Updated last month
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆54May 12, 2025Updated 10 months ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆158Mar 26, 2025Updated 11 months ago
- A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, wit…☆282Feb 21, 2026Updated last month
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- BOF to decrypt Signal Desktop chat logs☆70Feb 20, 2025Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆98Mar 20, 2023Updated 3 years ago
- ☆13Mar 3, 2025Updated last year
- ShadowDropper is a utility for covertly delivering and executing payloads on a target system.☆27Jul 4, 2025Updated 8 months ago
- EDR-Redir : a tool used to redirect the EDR's folder to another location.☆230Nov 6, 2025Updated 4 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆309Mar 31, 2025Updated 11 months ago
- ☆35Updated this week
- Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…☆42Feb 6, 2026Updated last month
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆174Sep 3, 2025Updated 6 months ago
- a BOF implementation of various registry persistence methods☆96Nov 11, 2025Updated 4 months ago
- ☆55May 31, 2025Updated 9 months ago
- ☆43Dec 24, 2025Updated 2 months ago