g0ldengunsec's Projects

backdoorlnkmacrostagercellembed

PowerShell Empire 2.x stager that allows for creation of a macro which uses VBA to backdoor .lnk files on the system. This is done to obtain a shell via follow-up user interaction natively through PowerShell, in order to evade tools that monitor process execution. Data is embedded in .xls cells and called in the macro to evade detection. Backdoors are self-cleaning on execution.

backdoorlnkmacrostagerobfuscated

Obfuscated PowerShell Empire 2.x stager that allows for creation of a macro which uses VBA to backdoor .lnk files on the system. This is done to obtain a shell via follow-up user interaction natively through PowerShell, in order to evade tools that monitor process execution. Backdoors are self-cleaning on execution.

covenant

Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.

daybird

Extension functionality for the NightHawk operator client

empire

Empire is a PowerShell and Python post-exploitation agent.

getwebdavstatus

Determine if the WebClient Service (WebDAV) is running on a remote system

impacket

Impacket is a collection of Python classes for working with network protocols.

powerpriv

A PowerShell implementation of PrivExchange designed to run under the current user's context

preliminarybackdoorlnkmacrostager

Original testing version of the backdoorLnkMacroStager - please reference backdoorLnkMacroStagerObfuscated or backdoorLnkMacroStagerCellEmbed for current versions

rubeus

Trying to tame the three-headed dog.

sharpsecdump

.NET port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py

sharptransactedload

Load .NET assemblies from memory while having them appear to be loaded from an on-disk location.

standin

StandIn is a small .NET35/45 AD post-exploitation toolkit

wmiservsessenum

.NET tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems
