EDRSilencer
A tool that uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
GhostTask
A tool that employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
ScheduleRunner
A C# tool with more flexibility to customize scheduled tasks for both persistence and lateral movement in red team operations.
ServiceMove-BOF
New lateral movement technique that abuses Windows Perception Simulation Service to achieve DLL hijacking code execution.
RDPHijack-BOF
Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.
TrustedPath-UACBypass-BOF
Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.exe" by using a DCOM object.
ClipboardHistoryThief
POC tool to extract all persistent clipboard history data from clipboard service process memory.
Vulnerability-Disclosure