Excel4-DCOM
Excel injection
A method for injecting malicious code into Excel 4.0 macros via DCOM for lateral movement in Windows systems
PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)
322 stars
28 watching
74 forks
Language: PowerShell
last commit: almost 6 years ago Related projects:
| Repository | Description | Stars |
|---|---|---|
| outflanknl/evilclippy | An assistant tool designed to create malicious MS Office documents by hiding or tampering with VBA macros and macro analysis tools | 2,131 |
 sud0woodo/dcomrade | Automates enumeration of vulnerable DCOM applications to aid in lateral movement and exploitation testing | 254 |
 dissectmalware/xlmmacrodeobfuscator | Decodes and deobfuscates obfuscated Excel macros from various file formats. | 575 |
| outflanknl/c2-tool-collection | Tools for exploiting vulnerabilities in Windows systems and gathering information about networked computers. | 1,155 |
| outflanknl/inlinewhispers | Tool to generate inline assembly code for direct system calls in COBalt Strike's Beacon Object Files (BOF) | 308 |
 apokryptein/secinject | A tool for injecting malicious code into processes using native APIs and memory section mapping. | 88 |
| outflanknl/invoke-adlabdeployer | Automates deployment of Windows and Active Directory test lab networks. | 480 |
| outflanknl/spray-ad | Automates an Active Directory password spraying attack to identify weak or guessable passwords | 426 |
 bishopfox/bfinject | Tool for injecting arbitrary shared libraries into running iOS apps to execute malicious code | 626 |
 tomcarver16/bof-dll-inject | A tool for injecting malware into processes by mapping it to memory without registering it with the kernel. | 147 |
| outflanknl/helpcolor | Lists available Cobalt Strike beacon commands and colors them based on their type | 191 |
 z4kn4fein/stashbox | A lightweight dependency injection framework for .NET-based applications. | 142 |
 whitel1st/docem | A tool to embed malicious payloads in various document formats | 553 |
| outflanknl/zipper | Compresses files and folders from local and UNC paths using the zlib compression library. | 191 |
 roguemacro/steak.dependencyinjection | Provides a simple framework for managing dependencies in BeefLang applications. | 4 |