-
docker-cobaltstrike Public
Docker container for running CobaltStrike 4.7 and above
-
LayeredSyscall Public
Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR hooks in Windows.
-
FuncAddressPro Public
A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
-
Malleable-CS-Profiles Public
A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
-
-
-
WMIExec Public
Set of python scripts which perform different ways of command execution via WMI protocol.
-
GregsBestFriend Public
GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
-
dcomhijack Public
Lateral Movement Using DCOM and DLL Hijacking
-
Warmer Public
Selenium-based Python script to automate sending emails to warm up your sender reputation and improve email deliverability
-
-
StackMask Public
A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
-
WKL-Passwords Public
Wordlist, rules and masks from White Knight Labs
-
okta-mfa-check Public
OKTA MFA Check using Python and Selenium. Tool checks valid OKTA accounts to determine which MFA options are enabled/disabled
-
{{ message }}