Alternatives and similar repositories for ReflectionUnHook:

Users that are interested in ReflectionUnHook are comparing it to the libraries listed below

• whokilleddb / SOAPHound
  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
  ☆33Updated 10 months ago
• dmcxblue / AzureFunctionRedirector
  ☆25Updated this week
• yehia-mamdouh / Lsassx
  Dumping LSASS Evaded Endpoint Security Solutions
  ☆11Updated last month
• Tarakhs / ToyingWithHellsGate
  Brief writeup of post exploitation methodologies.
  ☆18Updated last year
• Leo4j / Tools
  ☆13Updated 2 months ago
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆20Updated last month
• Leo4j / Invoke-ShareHunter
  Enumerate the Domain for Readable and Writable Shares
  ☆17Updated last month
• n0tspam / RunspaceLoader
  Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe
  ☆13Updated last year
• OtterHacker / Cerbere
  ☆47Updated 2 years ago
• lleon1435 / BypassAV
  This map lists the essential techniques to bypass anti-virus and EDR
  ☆15Updated last year
• GeorgePatsias / AskCreds-CS
  A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.
  ☆13Updated 2 years ago
• OffsecDeer / TargetedTimeroast
  Tamper Active Directory user attributes to collect their hashes with MS-SNTP
  ☆24Updated 2 months ago
• outflanknl / RedELK-workshop
  Items related to the RedELK workshop given at security conferences
  ☆28Updated last year
• p4p1 / havoc-reporter
  A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.
  ☆12Updated last year
• Helixo32 / GetSystem-LCI
  GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…
  ☆32Updated 4 months ago
• heartburn-dev / PKI-Escalate
  Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…
  ☆25Updated last year
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆48Updated 3 months ago
• k3nundrum / redteamtips
  ☆15Updated last year
• OtterHacker / AWSRoundRobin
  ☆37Updated last month
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆38Updated 8 months ago
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆45Updated last year
• nyxgeek / bad_guest
  ☆12Updated 9 months ago
• eversinc33 / CredGuess
  Generate password spraying lists based on the pwdLastSet-attribute of users.
  ☆55Updated last year
• 0xB455 / ActiveSyncBruter
  ☆16Updated 3 weeks ago
• 808ale / NetRunners
  Reflective shellcode runners using obfuscated Win32 APIs in C# and C++ (GetProcAddress & GetModuleHandle). For penetration testing.
  ☆11Updated 11 months ago
• Mr-Un1k0d3r / MsGraphFunzy
  Scripts to interact with Microsoft Graph APIs
  ☆36Updated 4 months ago
• 0xflagplz / Xll-Payload-Generator
  Excel Add In Payload Generator
  ☆10Updated last year
• Yeeb1 / SharpLansweeperDecrypt
  Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.
  ☆37Updated 4 months ago
• lleon1435 / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆14Updated last year
• som3canadian / Mythic_NimSyscallPacker_Wrapper
  Mythic C2 wrapper for NimSyscallPacker
  ☆23Updated 2 weeks ago