Payload Loader With Evasion Features. Features: no crt functions imported indirect syscalls using HellHall api hashing using CRC32 hashing algorithm …

Payload Loader With Evasion Features. Features: no crt functions imported indirect syscalls using HellHall api hashing using CRC32 hashing algorithm …
Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking. With a valid access …
StayKit is an extension for Cobalt Strike persistence by leveraging the execute_assembly function with the SharpStay .NET assembly. The aggressor …
Svchost is essential in the implementation of so-called shared service processes, where a number of services can share a process …
REW-sploit The tool has been presented at Black-Hat Arsenal USA 2021 https://www.blackhat.com/us-21/arsenal/schedule/index.html#rew-sploit-dissecting-metasploit-attacks-24086 Slides of presentation are available at https://github.com/REW-sploit/REW-sploit_docs Need …
<div class="snippet-clipboard-content position-relative" data-snippet-clipboard-copy-content=" ___________.__ .______ ___ .__ __ __ ___\__ ___/| |_________ ____ _____ __| _/ | \|__| |__|____ …
The attribute ms-mcs-AdmPwd stores the clear-text LAPS password. This executable is made to be executed within Cobalt Strike session using …
A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific modules or …
aggrokatz is an Aggressor plugin extension for CobaltStrike which enables pypykatz to interface with the beacons remotely.The current version of …
Movekit is an extension of built in Cobalt Strike lateral movement by leveraging the execute_assembly function with the SharpMove and …