BC-SECURITY/ScriptBlock-Smuggling external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

BC-SECURITY/ScriptBlock-Smuggling

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/BC-SECURITY/ScriptBlock-Smuggling)

Close

BC-SECURITY / ScriptBlock-SmugglingView on GitHubMore

• External links
• Readme badge

Example code samples from our ScriptBlock Smuggling Blog post

☆94Jun 18, 2024Updated last year

Alternatives and similar repositories for ScriptBlock-Smuggling

Users that are interested in ScriptBlock-Smuggling are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• dmcxblue / SharpGhostTask

  View on GitHub
  A C# port from Invoke-GhostTask
  ☆121Jan 5, 2024Updated 2 years ago
• MayerDaniel / profiler-lateral-movement

  View on GitHub
  Lateral Movement via the .NET Profiler
  ☆100Nov 21, 2024Updated last year
• naksyn / ProcessStomping

  View on GitHub
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆148Dec 16, 2023Updated 2 years ago
• dmcxblue / SharpHIBP

  View on GitHub
  A C# Tool to gather information about email breaches
  ☆16Dec 21, 2023Updated 2 years ago
• BlackSnufkin / Invoke-DumpMDEConfig

  View on GitHub
  PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…
  ☆155Jun 10, 2024Updated last year
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• ProcessusT / EnumSSN

  View on GitHub
  Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…
  ☆21Jan 28, 2024Updated 2 years ago
• CICADA8-Research / RemoteKrbRelay

  View on GitHub
  Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
  ☆644May 8, 2025Updated last year
• BlackSnufkin / NovaLdr

  View on GitHub
  Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
  ☆267Jun 29, 2024Updated last year
• OtterHacker / SetProcessInjection

  View on GitHub
  ☆156Oct 2, 2023Updated 2 years ago
• Slowerzs / PPLSystem

  View on GitHub
  ☆207May 29, 2024Updated last year
• OG-Sadpanda / SharpSword

  View on GitHub
  Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly
  ☆118Sep 30, 2024Updated last year
• mandiant / ccmpwn

  View on GitHub
  ☆221Mar 26, 2024Updated 2 years ago
• AlteredSecurity / Disable-TamperProtection

  View on GitHub
  A POC to disable TamperProtection and other Defender / MDE components
  ☆257Jun 6, 2024Updated last year
• pygrum / gimmick

  View on GitHub
  Section-based payload obfuscation technique for x64
  ☆64Aug 8, 2024Updated last year
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• cybersectroll / SharpPersistSD

  View on GitHub
  ☆91May 15, 2024Updated 2 years ago
• lsecqt / ThreadlessInject-C-Implementation

  View on GitHub
  This repository implements Threadless Injection in C
  ☆172Dec 23, 2023Updated 2 years ago
• seriotonctf / kerberos_aes_key

  View on GitHub
  Generate AES128 and AES256 Kerberos keys from a given username, password, and realm
  ☆18Sep 18, 2024Updated last year
• nbaertsch / AutoAppDomainHijack

  View on GitHub
  Automated .NET AppDomain hijack payload generation
  ☆129Feb 4, 2025Updated last year
• Maldev-Academy / RemoteTLSCallbackInjection

  View on GitHub
  Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
  ☆291Jan 21, 2024Updated 2 years ago
• oldboy21 / RflDllOb

  View on GitHub
  Reflective DLL Injection Made Bella
  ☆250Jan 6, 2025Updated last year
• CCob / Shwmae

  View on GitHub
  ☆161Jan 27, 2025Updated last year
• outflanknl / unmanaged-dotnet-patch

  View on GitHub
  Modify managed functions from unmanaged code
  ☆53Feb 1, 2024Updated 2 years ago
• MaLDAPtive / Invoke-Maldaptive

  View on GitHub
  MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.
  ☆342Aug 7, 2024Updated last year
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• wh0amitz / SharpADWS

  View on GitHub
  Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
  ☆596Mar 19, 2024Updated 2 years ago
• decoder-it / DFSCoerce-exe-2

  View on GitHub
  DFSCoerce exe revisited version with custom authentication
  ☆43Jan 13, 2024Updated 2 years ago
• Thunter-HackTeam / EvilentCoerce

  View on GitHub
  ☆164May 5, 2025Updated last year
• trustedsec / specula

  View on GitHub
  ☆236Jun 10, 2025Updated 11 months ago
• WKL-Sec / LayeredSyscall

  View on GitHub
  Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …
  ☆306Jul 31, 2024Updated last year
• Teach2Breach / early_cascade_inj_rs

  View on GitHub
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆63Nov 8, 2024Updated last year
• Octoberfest7 / DropSpawn_BOF

  View on GitHub
  CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
  ☆288Jun 8, 2023Updated 2 years ago
• mlcsec / SigFinder

  View on GitHub
  Identify binaries with Authenticode digital signatures signed to an internal CA/domain
  ☆40Feb 6, 2024Updated 2 years ago
• ricardojoserf / NativeDump

  View on GitHub
  Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
  ☆735May 7, 2025Updated last year
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• zimnyaa / smbsocks

  View on GitHub
  A simple rpc2socks alternative in pure Go.
  ☆31Jul 8, 2024Updated last year
• ewby / Mockingjay_BOF

  View on GitHub
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆159Nov 7, 2023Updated 2 years ago
• jsecu / ModTask

  View on GitHub
  ☆52Mar 30, 2026Updated last month
• senzee1984 / EDRPrison

  View on GitHub
  Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
  ☆471Aug 2, 2024Updated last year
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆286Sep 18, 2024Updated last year
• 0xHossam / HuffLoader

  View on GitHub
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.
  ☆286Apr 6, 2025Updated last year
• klezVirus / koppeling-p

  View on GitHub
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆79Aug 5, 2024Updated last year