0xVIC / myAPPLockerBypassSummary
Simple APPLocker bypass summary
☆41Updated 6 years ago
Alternatives and similar repositories for myAPPLockerBypassSummary:
Users that are interested in myAPPLockerBypassSummary are comparing it to the libraries listed below
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆54Updated 4 years ago
- ☆139Updated 2 years ago
- A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from …☆84Updated 4 years ago
- ☆28Updated 2 years ago
- MiniDumpWriteDump behavior modification hook☆50Updated 4 years ago
- Tool for issuing manual LDAP queries which offers bofhound compatible output☆52Updated 9 months ago
- A fake AMSI Provider which can be used for persistence.☆147Updated 3 years ago
- C# port of the Get-AppLockerPolicy PS cmdlet☆98Updated 2 years ago
- Weaponising C# - Fundamentals Training Content☆70Updated 3 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆181Updated 2 years ago
- ☆92Updated 3 years ago
- Add SD for controlled computer object to a target object for RBCD using LDAP☆38Updated 3 years ago
- D/Invoke port of UrbanBishop☆106Updated 4 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆70Updated 4 years ago
- Investigation about ACL abusing for Active Directory Certificate Services (AD CS)☆120Updated 3 years ago
- ☆69Updated 3 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆101Updated 2 years ago
- Collection of Beacon Object Files (BOFs) for shells and lols☆114Updated 3 years ago
- Tool to discover Resource-Based Constrained Delegation attack paths in Active Directory environments☆119Updated 3 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆65Updated 8 months ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆125Updated last year
- Bypass AMSI via PowerShell by splitting a file into multiple chunks☆50Updated 3 years ago
- ☆84Updated 3 years ago
- Pass the Hash to a named pipe for token Impersonation☆140Updated 3 years ago
- ☆71Updated last year
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆111Updated last year
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆54Updated 3 years ago
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆90Updated 3 years ago
- C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic☆140Updated 3 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆91Updated 2 years ago