Awesome
DISCLAIMER
The BOF is currently only compatible with the latest version of TrustedSec's COFFLoader. Please read their blog for the details.
ShadowRDP
This repository contains two applications. One is a beacon object file, which is used to retrieve the authentication string, also known as the invitation. The other is a graphical user interface program that can be run on the operator's system behind a SOCKS proxy to connect to the remote desktop session.
BOF Usage
shadowrdp <HOSTNAME> [<control>|<view>] <SESSIONID> [<NTLM>|<KERBEROS>]