0xv1n / RemoteSessionEnum

Related projects ⓘ

Alternatives and complementary repositories for RemoteSessionEnum

• Octoberfest7 / enumhandles_BOF
  ☆117Updated 2 months ago
• mlcsec / EDRenum-BOF
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆109Updated last month
• xpn / CloudInject
  ☆104Updated this week
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆104Updated 4 months ago
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆145Updated 11 months ago
• OtterHacker / SetProcessInjection
  ☆142Updated last year
• cybersectroll / SharpPersistSD
  ☆83Updated 6 months ago
• securifybv / BOFRyptor
  ☆118Updated last year
• nettitude / Tartarus-TpAllocInject
  ☆175Updated 11 months ago
• ewby / Mockingjay_BOF
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆149Updated last year
• MythicAgents / Hannibal
  A Mythic Agent written in PIC C.
  ☆92Updated this week
• Tw1sm / SQL-BOF
  Library of BOFs to interact with SQL servers
  ☆146Updated this week
• rasta-mouse / CsWhispers
  Source generator to add D/Invoke and indirect syscall methods to a C# project.
  ☆170Updated 8 months ago
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆147Updated 3 weeks ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆45Updated 8 months ago
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆148Updated 10 months ago
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare.
  ☆78Updated 6 months ago
• MzHmO / DebugAmsi
  DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
  ☆91Updated last year
• deh00ni / NtDumpBOF
  ☆87Updated 2 months ago
• itm4n / PPLrevenant
  Bypass LSA protection using the BYODLL technique
  ☆150Updated 2 months ago
• OmriBaso / WTSImpersonator
  WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"
  ☆113Updated 4 months ago
• VoldeSec / PatchlessInlineExecute-Assembly
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆158Updated last year
• x42en / sysplant
  Your syscall factory
  ☆121Updated 2 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆58Updated 5 months ago
• cybersectroll / TrollDump
  ☆79Updated 6 months ago
• rweijnen / createdump
  Leverage WindowsApp createdump tool to obtain an lsass dump
  ☆142Updated 2 months ago
• dmcxblue / SharpGhostTask
  A C# port from Invoke-GhostTask
  ☆110Updated 10 months ago
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆160Updated 5 months ago
• rasta-mouse / SpawnWith
  ☆92Updated 9 months ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆144Updated 2 weeks ago