Koh

Token Stealer

A C# toolset used to capture user credential material by leaking token information from logon sessions.

The Token Stealer

GitHub

488 stars
10 watching
66 forks
Language: C#
last commit: over 2 years ago

Related projects:

Repository Description Stars
cyberark/skywrapper Detects suspicious temporary token usage in an AWS account to identify potential security threats. 104
trycatchhcf/packetwhisper A tool for stealthy data transfer using DNS queries and text-based steganography to evade attribution and detection. 624
nick-frischkorn/tokenstripbof A tool that weakens antivirus and EDR products by deleting process token privileges and lowering integrity level to untrusted. 32
alteredsecurity/365-stealer A phishing simulation tool that automates illicit consent grant attacks on Azure AD using Python3 and PHP. 458
mr-un1k0d3r/cookie-and-handle-stealer A tool for extracting browser master keys to decrypt user cookies 172
s1ckb0y1337/tokenplayer A tool designed to manipulate and abuse Windows access tokens for exploitation and learning purposes. 268
unknow101/fuckthatpacker A tool to bypass Windows Defender by packing payloads and integrating with CobaltStrike 630
f3eev/sharkexec A C# toolkit designed to extract credentials and browsing history from Windows systems. 295
friedkiwi/netcrypt A .NET executable packer designed to provide a basic understanding of runtime packing and compression 59
realitynet/kobackupdec Decrypts Huawei backup archives to mimic typical Android folder structure. 301
mainframed/tshocker An FTP-based tool to execute malicious commands on a mainframe system using a CATSO/JCL wrapper 24
joswr1ght/cowpatty A tool used to brute-force dictionary attacks against WPA-PSK passphrases. 193
ghostpack/sharpup A C# port of various PowerUp functionality for vulnerability checking 1,277
outflanknl/wdtoggle A tool to enable WDigest credential caching using direct system calls in Cobalt Strike 213
eladshamir/whisker A tool for manipulating Active Directory user and computer accounts by adding shadow credentials. 824