AgeloVito / self_delete_bofLinks
BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the current process.
☆78Updated 2 years ago
Alternatives and similar repositories for self_delete_bof
Users that are interested in self_delete_bof are comparing it to the libraries listed below
Sorting:
- Cobalt Strike BOF that Add a user to localgroup by samr☆131Updated 2 years ago
- ☆34Updated 5 months ago
- Cobalt Strike BOF that Add an admin user☆77Updated 2 years ago
- Delete file regardless of whether the handle is used via SetFileInformationByHandle☆49Updated 2 years ago
- command execute without 445 port☆52Updated 3 years ago
- ☆49Updated 2 years ago
- ASPX ShellCode Loader☆50Updated last year
- ☆31Updated last year
- 通过websocket在IIS8(Windows Server 2012)以上实现socks5代理☆89Updated last year
- 在cobaltstrike中使用的bof工具集,收集整理验证好用的bof。☆15Updated 3 years ago
- CrackMapExec extension module/protocol support☆42Updated last year
- Zerologon自动化脚本☆93Updated last year
- more conveniently Visual-Studio-BOF-template☆68Updated last year
- Execute Remote Assembly with args passing and with AMSI and ETW patching .☆35Updated last month
- MSSQL CLR for pentest.☆54Updated 2 years ago
- If you only have hash, you can still operate exchange☆76Updated 3 years ago
- AddDefenderExclusions Beacon Object File☆41Updated 2 years ago
- Shellcode Reductio Entropy Tools☆71Updated last year
- ☆35Updated 2 years ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆24Updated 4 years ago
- Alternative Shellcode Execution Via Callbacks Rewrite In C#☆89Updated 2 years ago
- Hidedump:a lsassdump tools that may bypass EDR☆51Updated last year
- ☆24Updated 3 months ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user; Adding the sam_the_admin_maq when MachineAccoun…☆22Updated last year
- mssqlproxy python3.5+ 并修复bug☆64Updated 2 years ago
- 利用EFSRPC协议批量探测出网☆66Updated last year
- Loader Pre-Technology, Main thread hijacking without using API, get ntdll and kernel32 handle without peb. 加载器前置技术,不使用API进行主线程劫持,不使用PEB…☆80Updated 3 weeks ago
- ☆15Updated last year
- RPC 调用添加ssp扩展dump lsass☆19Updated 3 years ago
- 在权限足够的情况下弹出system权限的cmd命令行,包含exe和dll两种文件类型,可用于一些可能存在本地提权漏洞的测试。☆33Updated 3 years ago