Sliver Armory
The finest collection of open-source armaments, curated for the aspiring cyberwar profiteer.
Pinned Repositories
armory
The Official Sliver Armory
C2-Tool-Collection
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
COFFLoader
CS-Situational-Awareness-BOF
Situational Awareness commands implemented using Beacon Object Files
hashdump
Dump Windows SAM hashes
injectAmsiBypass
Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
injectEtwBypass
CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)
libreflect
nanodump
Dump LSASS like you mean it
private-armory
A self-hosted Armory implementation.
Sliver Armory's Repositories
sliverarmory/armory
The Official Sliver Armory
sliverarmory/hashdump
Dump Windows SAM hashes
sliverarmory/private-armory
A self-hosted Armory implementation.
sliverarmory/nanodump
Dump LSASS like you mean it
sliverarmory/C2-Tool-Collection
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
sliverarmory/CS-Situational-Awareness-BOF
Situational Awareness commands implemented using Beacon Object Files
sliverarmory/winrmdll-sliver
C++ WinRM API sliver extension
sliverarmory/CS-Remote-OPs-BOF
sliverarmory/sliver-sdk
Sliver SDK
sliverarmory/Certify
Active Directory certificate abuse.
sliverarmory/CredManBOF
sliverarmory/goffloader
A Go implementation of Cobalt Strike style BOF/COFF loaders.
sliverarmory/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
sliverarmory/azbelt
AAD related enumeration in Nim
sliverarmory/CVE-2024-1086
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
sliverarmory/nopowershell
PowerShell rebuilt in C# for Red Teaming purposes
sliverarmory/Rubeus
Trying to tame the three-headed dog.
sliverarmory/SliverKeylogger
sliverarmory/HavocFrameworkModules
Modules used by the Havoc Framework
sliverarmory/mimikatz
A little tool to play with Windows security
sliverarmory/SCShell
Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
sliverarmory/SharpHound4
C# Data Collector for BloodHound
sliverarmory/SharpSCCM
A C# utility for interacting with SCCM
sliverarmory/SQLRecon
A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
sliverarmory/BOF-patchit
An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are available.
sliverarmory/kerbrute
A tool to perform Kerberos pre-auth bruteforcing
sliverarmory/profiler-lateral-movement
Lateral Movement via the .NET Profiler
sliverarmory/python-wasi
Utilities for building CPython for the WASI platform
sliverarmory/SharpDPAPI
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
sliverarmory/ThreadlessInject-BOF
BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.