0x00Check / ExploitLeakedHandle
Identify and exploit leaked handles for local privilege escalation.
☆102 Updated last year
Related projects:
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section ☆95 Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section ☆147 Updated 9 months ago
- I have documented all of the AMSI patches that I learned till now ☆66 Updated last year
- Lateral Movement via the .NET Profiler ☆74 Updated 3 months ago
- Do some DLL SideLoading magic ☆72 Updated 11 months ago
- Tool for playing with Windows Access Token manipulation. ☆50 Updated last year
- Patch AMSI and ETW in remote process via direct syscall ☆78 Updated 2 years ago
- Simple BOF to read the protection level of a process ☆101 Updated last year
- RDLL for Cobalt Strike beacon to silence sysmon process ☆85 Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol… ☆67 Updated 7 months ago
- Beacon Object File allowing creation of Beacons in different sessions. ☆73 Updated 2 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW ☆76 Updated last year
- Improved version of EKKO by @5pider that Encrypts only Image Sections ☆110 Updated last year
- Red Team Operation's Defense Evasion Technique. ☆50 Updated 3 months ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms ☆106 Updated last year
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg ☆46 Updated 6 months ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR. ☆37 Updated last year
- Find DLLs with RWX section ☆74 Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader ☆75 Updated 6 months ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF ☆87 Updated 2 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects ☆137 Updated 2 years ago