HiddenDesktop
Remote Desktop Exploitation Tool
An implementation of HVNC for Cobalt Strike, allowing operators to interact with remote desktop sessions without user knowledge.
HVNC for Cobalt Strike
1k stars
15 watching
177 forks
Language: C
last commit: 12 months ago Related projects:
| Repository | Description | Stars |
|---|---|---|
| wkl-sec/malleable-cs-profiles | A collection of tools to generate and modify shellcode profiles to evade detection in Cobalt Strike | 374 |
| wkl-sec/winsocky | A custom Winsock implementation for secure communication in malware | 98 |
 c3r3br4t3/shadowrdp | Tools to exploit remote desktop sessions using NTLM and Kerberos authentication | 61 |
 henkru/cs-token-vault | In-memory storage for stolen Windows access tokens to manage access credentials in Cobalt Strike. | 136 |
 ssteo/hitbsecconf2021ams-poc | A proof-of-concept demonstrating a covert channel for command and control (C&C) and data exfiltration using AWS GuardDuty in a post-DNS era | 2 |
 scumjr/dirtycow-vdso | A Proof-of-Concept for exploiting a vulnerability in the Linux vDSO, allowing arbitrary code execution. | 491 |
 nvisosecurity/cobaltwhispers | An aggressor script that allows Cobalt Strike to perform process injection and persistence by leveraging direct syscalls to bypass EDR/AV systems. | 227 |
 wbglil/cs_decrypt | A collection of Python scripts for decrypting and processing encrypted data related to Cobalt Strike security vulnerability analysis | 140 |
 outflanknl/c2-tool-collection | Tools for exploiting vulnerabilities in Windows systems and gathering information about networked computers. | 1,143 |
 kyleavery/aceldr | A Cobalt Strike memory scanner evasion technique using code obfuscation and encryption to evade detection. | 878 |
 cohdjn/cisecurity | Automates Linux hardening to conform to Center for Internet Security Benchmark standards | 9 |
 irsl/jackson-rce-via-spel | A proof-of-concept project demonstrating exploitation of a vulnerability in Jackson-databind via Spring application contexts and expressions. | 121 |
 b4rtik/hiddenpowershelldll | A PowerShell evasion tool that uses a DLL to bypass security measures and execute a hidden stager | 93 |
| outflanknl/wdtoggle | A tool to enable WDigest credential caching using direct system calls in Cobalt Strike | 213 |
 jamvayne/cobaltstrikedos | A Python script to exploit a Cobalt Strike vulnerability and perform a denial of service attack. | 103 |