Travis Eminhizer's starred repositories
Cobalt-Strike-CheatSheet
Some notes and examples for cobalt strike's functionality
LOLDrivers
Living Off The Land Drivers
FilelessPELoader
Loading Remote AES Encrypted PE in memory , Decrypted it and run it
ShellcodeTemplate
An easily modifiable shellcode template for Windows x64/x86
ThreadlessInject
Threadless Process Injection using remote function hooking.
ShadowClone
Unleash the power of cloud
SilentMoonwalk
PoC Implementation of a fully dynamic call stack spoofer
HWSyscalls
HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
OperatorsKit
Collection of Beacon Object Files (BOF) for Cobalt Strike
CallStackMasker
A PoC implementation for dynamically masking call stacks with timers.
KillDefenderBOF
Beacon Object File PoC implementation of KillDefender
gatekeeper
GATEKEEPER: Inline and on-target defense
PowerDrive
A tool for de-obfuscating PowerShell scripts
injectAmsiBypass
Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
injectEtwBypass
CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)