AgeloVito / self_delete_bof
BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the current process.
☆71Updated last year
Alternatives and similar repositories for self_delete_bof:
Users that are interested in self_delete_bof are comparing it to the libraries listed below
- ☆33Updated last month
- Cobalt Strike BOF that Add a user to localgroup by samr☆128Updated 2 years ago
- command execute without 445 port☆52Updated 3 years ago
- 通过websocket在IIS8(Windows Server 2012)以上实现socks5代理☆85Updated last year
- ☆49Updated last year
- Delete file regardless of whether the handle is used via SetFileInformationByHandle☆42Updated last year
- Zerologon自动化脚本☆88Updated last year
- 密码收集☆58Updated 3 years ago
- If you only have hash, you can still operate exchange☆72Updated 3 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user; Adding the sam_the_admin_maq when MachineAccoun…☆22Updated 10 months ago
- Shellcode Reductio Entropy Tools☆65Updated last year
- C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can…☆16Updated 3 years ago
- Cobalt Strike BOF that Add an admin user☆71Updated 2 years ago
- 利用EFSRPC协议批量探测出网☆65Updated last year
- ☆31Updated last year
- more conveniently Visual-Studio-BOF-template☆62Updated last year
- ad vulnerability scanner☆70Updated last year
- Hidedump:a lsassdump tools that may bypass EDR☆50Updated 10 months ago
- 一个2020年练手的基于gin框架搞的在线免杀平台,支持后台管理,邀请码注册等☆38Updated 6 months ago
- Confluence未授权添加管理员用户(CVE-2023-22515)漏洞利用工具☆107Updated last year
- RPC 调用添加ssp扩展dump lsass☆18Updated 2 years ago
- ☆15Updated last year
- MSSQL CLR for pentest.☆53Updated last year
- CrackMapExec extension module/protocol support☆42Updated last year
- Silently Install Chrome Extension For Persistence☆49Updated 8 months ago
- impacket编程手册☆102Updated last year
- Bypass EDR Create TaskServers☆36Updated 2 years ago
- ☆46Updated 3 years ago
- Zerologon exploit with restore DC password automatically☆133Updated last year
- Execute Remote Assembly with args passing and with AMSI and ETW patching .☆32Updated 2 years ago