pyMalleableC2 A Python interpreter for Cobalt Strike Malleable C2 profiles that allows you to parse, modify, build them programmatically and validate syntax. Supports all of the Cobalt Strike Malleable C2...
DripLoader Evasive shellcode loader for bypassing event-based injection detection, without necessarily suppressing event collection (still added direct syscalls, just so I don’t have to deal with AV). The project is...
MeterPwrShell Automated Tool That Generates A Powershell Oneliner That Can Create Meterpreter Shell On Metasploit, Bypass AMSI, Bypass Firewall, Bypass UAC, And Bypass Any AVs. This tool is powered by Metasploit-Framework and amsi.fail...
PwnLnX An advanced multi-threaded, multi-client python reverse shell for hacking Linux systems. There’s still more work to do so feel free to help out with the development. Disclaimer: This reverse shell should only...
BetterXencrypt A better version of Xencrypt.Xencrypt itself is a Powershell runtime crypter designed to evade AVs. cause Xencrypt is not FUD anymore and easily gets caught by AMSI, I recode...
CIMplant C# port of WMImplant which uses either CIM or WMI to query remote systems. It can use provided credentials or the current user’s session. Note: Some commands will use...
SNOWCRASH – polyglot payload generator SNOWCRASH creates a script that can be launched on both Linux and Windows machines. Payload selected by the user (in this case combined Bash and...
mediator Mediator is an end-to-end encrypted reverse shell in which the operator and the shell connect to a “mediator” server that bridges the connections. This removes the need for the...
CobaltStrike BOF Collection of beacon BOF. 1 ) DCOM Lateral Movement A quick PoC that uses DCOM (ShellWindows) via beacon object files for lateral movement. You can either specify credentials...
Girsh (Golang Interactive Reverse SHell) Who didn’t get bored of manually typing the few lines to upgrade a reverse shell to a full interactive reverse shell (tty spawn, stty size...
Bad Outlook A simple PoC which leverages the Outlook Application Interface (COM Interface) to execute shellcode on a system based on a specific trigger subject line. By utilizing Microsoft.Office.Interop.Outlook namespace, developers...
DLLHSC DLL Hijack SCanner – A tool to generate leads and automate the discovery of candidates for DLL Search Order Hijacking. This repository hosts the Visual Studio project file for...
UnhookMe – Dynamically unhooking imports resolver In the era of intrusive AVs and EDRs that introduce hot-patches to the running processes for their enhanced optics requirements, modern adversaries must have...
RAT-el RAT-el is an open-source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the...
ScareCrow ScareCrow is a payload creation framework for generating loaders for the use of side loading (not injection) into a legitimate Windows process (bypassing Application Whitelisting controls). Once the DLL...
Support Securityonline.info site. Thanks!
