Code snippet to create a process using the "PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON" flag
Updated Mar 17, 2023 - C#
A C# console utility for interacting with MSSQL servers
RAT written in C#
Remote Administration Tool for Windows
A command-line payload delivery and execution tool
Coyote is a standalone C# post-exploitation implant for maintaining access to compromised Windows infrastructure during red team engagements using DNS tunneling.
Autowin is a framework that helps organizations simulate custom attack scenarios in order to improve detection and response capabilities.
Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.
Apfell implant written in C#.
A forked version of Atomic YAML instructions and technique dependencies used by ARTiC2 controllers to construct and execute red team atomic test cases from memory
Process hollowing C# shellcode runner that is FUD against Microsoft Defender as of October 7, 2023.
C# API for Nidhogg rootkit
Receive the status of Windows Defender Credential Guard on network hosts.
JALSI - Just Another Lame Shellcode Injector
Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.
WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement