3gstudent / CLR-Injection
Use CLR to inject all the .NET apps
☆183Updated 3 years ago
Related projects: ⓘ
- Collection of CSharp Assemblies focused on Post-Exploitation Capabilities☆221Updated 5 years ago
- A tool to run .Net DLLs from the command line☆100Updated 5 years ago
- Lateral Movement technique using DCOM and HTA☆228Updated last year
- Code from this article: https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows-defender/☆169Updated 4 years ago
- POC for Cobalt Strike external C2☆121Updated 3 years ago
- PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service☆108Updated 6 years ago
- Collection of scripts, binaries and the like to aid in WhiteList Evasion on a Microsoft Windows Network.☆126Updated 9 years ago
- ☆207Updated 5 years ago
- The PowerThIEf, an Internet Explorer Post Exploitation library☆130Updated 6 years ago
- ☆67Updated this week
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆155Updated 5 years ago
- APT || Execution || Launch || APTs || ( Authors harr0ey, bohops )☆107Updated 6 years ago
- Constrained Language Mode + AMSI bypass all in one☆152Updated 5 years ago
- ☆43Updated this week
- initial commit☆171Updated 6 years ago
- ☆230Updated 6 years ago
- Proof of Concept exploit for CVE-2017-8570☆185Updated 6 years ago
- A library for integrating communication channels with the Cobalt Strike External C2 server☆278Updated 6 years ago
- ☆168Updated this week
- Cobalt Strike SCT payload obfuscator☆142Updated 7 years ago
- ☆276Updated 3 years ago
- A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.☆92Updated 6 years ago
- dem sharp donuts☆185Updated 2 years ago
- Win32k Elevation of Privilege Poc☆80Updated 5 years ago
- A repository of some of my Windows 10 Device Guard Bypasses☆133Updated 7 years ago
- ☆177Updated 2 years ago
- SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approa…☆290Updated 4 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET☆143Updated 4 years ago
- ☆116Updated this week
- foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV☆108Updated 3 years ago