From a5e30ae17b30ba96a6be74d8e9ccf23ba9b85fbd Mon Sep 17 00:00:00 2001
From: pe3zx <pe3zx@users.noreply.github.com>
Date: Fri, 8 Jul 2022 23:54:36 +0700
Subject: [PATCH] Add: GhostPack/Koh to Credential Access section

---
 Offensive.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Offensive.md b/Offensive.md
index 88583df..e0184b5 100644
--- a/Offensive.md
+++ b/Offensive.md
@@ -2129,6 +2129,10 @@ Some tools can be categorized in more than one category. But because the current
         <td><a href="https://github.com/FSecureLABS/SharpClipHistory">FSecureLABS/SharpClipHistory</a></td>
         <td>SharpClipHistory is a .NET application written in C# that can be used to read the contents of a user's clipboard history in Windows 10 starting from the 1809 Build.</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/GhostPack/Koh">GhostPack/Koh</a></td>
+        <td>The Token Stealer</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/G0ldenGunSec/SharpSecDump">G0ldenGunSec/SharpSecDump</a></td>
         <td>.Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py</td>