0xVIC / myAPPLockerBypassSummary
Simple APPLocker bypass summary
☆39Updated 5 years ago
Related projects: ⓘ
- A fake AMSI Provider which can be used for persistence.☆134Updated 3 years ago
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆50Updated 4 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆177Updated 2 years ago
- ☆69Updated 3 years ago
- ☆24Updated last year
- ☆135Updated 2 years ago
- A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from …☆83Updated 4 years ago
- Investigation about ACL abusing for Active Directory Certificate Services (AD CS)☆118Updated 2 years ago
- Weaponising C# - Fundamentals Training Content☆71Updated 3 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆108Updated 4 years ago
- C# PoC implementation for bypassing AMSI via in memory patching☆66Updated 4 years ago
- MiniDumpWriteDump behavior modification hook☆49Updated 3 years ago
- Cobalt Strike Beacon Object Files☆158Updated 2 years ago
- Loads a custom dll in system32 via diaghub.☆64Updated 4 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆121Updated 3 years ago
- ☆32Updated this week
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆93Updated last year
- POC for NetworkService PrivEsc☆122Updated 4 years ago
- Collection of Beacon Object Files (BOFs) for shells and lols☆111Updated 3 years ago
- Pass the Hash to a named pipe for token Impersonation☆140Updated 3 years ago
- MSBuild without MSbuild.exe☆129Updated 3 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆84Updated last year
- Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File☆184Updated 3 years ago
- A Cobalt Strike Aggressor script to generate GadgetToJScript payloads☆98Updated 3 years ago
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆121Updated 3 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆68Updated 3 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆87Updated 2 years ago
- ☆88Updated this week
- ☆87Updated 2 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆187Updated 3 years ago