AgeloVito / self_delete_bof
BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the current process.
☆73Updated last year
Alternatives and similar repositories for self_delete_bof:
Users that are interested in self_delete_bof are comparing it to the libraries listed below
- command execute without 445 port☆52Updated 3 years ago
- Cobalt Strike BOF that Add a user to localgroup by samr☆129Updated 2 years ago
- Delete file regardless of whether the handle is used via SetFileInformationByHandle☆43Updated last year
- Shellcode Reductio Entropy Tools☆66Updated last year
- 在cobaltstrike中使用的bof工具集,收集整理验证好用的bof。☆12Updated 3 years ago
- ☆34Updated last month
- 通过websocket在IIS8(Windows Server 2012)以上实现socks5代理☆86Updated last year
- ☆49Updated last year
- Cobalt Strike BOF that Add an admin user☆71Updated 2 years ago
- If you only have hash, you can still operate exchange☆72Updated 3 years ago
- ☆31Updated last year
- CrackMapExec extension module/protocol support☆42Updated last year
- Execute Remote Assembly with args passing and with AMSI and ETW patching .☆32Updated 2 years ago
- ☆46Updated 3 years ago
- Bypass EDR Create TaskServers☆36Updated 2 years ago
- MSSQL CLR for pentest.☆53Updated last year
- Zerologon自动化脚本☆88Updated last year
- ☆15Updated last year
- ☆40Updated last year
- more conveniently Visual-Studio-BOF-template☆63Updated last year
- C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can…☆16Updated 3 years ago
- 密码收集☆58Updated 3 years ago
- Hidedump:a lsassdump tools that may bypass EDR☆50Updated 11 months ago
- Search msDS-AllowedToActOnBehalfOfOtherIdentity☆35Updated 3 years ago
- RPC 调用添加ssp扩展dump lsass☆18Updated 2 years ago
- 利用EFSRPC协议批量探测出网☆65Updated last year
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user; Adding the sam_the_admin_maq when MachineAccoun…☆22Updated 10 months ago
- ☆22Updated last year
- ASPX ShellCode Loader☆50Updated last year
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆23Updated 3 years ago