Category: Exploitation

CobaltStrike BOF

CobaltStrike BOF: Collection of beacon BOF

CobaltStrike BOF Collection of beacon BOF. 1 ) DCOM Lateral Movement A quick PoC that uses DCOM (ShellWindows) via beacon object files for lateral movement. You can either specify credentials or use the current...


Unicorn v3.17 released: PowerShell downgrade attack

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber’s PowerShell attacks and the PowerShell bypass technique presented by David Kennedy (TrustedSec) and...

Bad Outlook

Bad Outlook: Malicious Outlook Reader

Bad Outlook A simple PoC which leverages the Outlook Application Interface (COM Interface) to execute shellcode on a system based on a specific trigger subject line. By utilizing Microsoft.Office.Interop.Outlook namespace, developers can represent the entire...