Alternatives and similar repositories for reflectPatcher:

Users that are interested in reflectPatcher are comparing it to the libraries listed below

• davehardy20 / PoSHBypass
  ☆25Updated 6 years ago
• bitsadmin / cobaltstrike
  Everything related to Cobalt Strike
  ☆15Updated 5 years ago
• kmkz / Sources
  Random source codes
  ☆25Updated 4 years ago
• OsandaMalith / WindowsInternals
  Experiments on the Windows Internals
  ☆30Updated 5 years ago
• stufus / shellcode-implant-stub
  Source code in Win32 ASM and C for a shellcode execution wrapper designed to mitigate the risk of shellcode execution on a host other tha…
  ☆19Updated 8 years ago
• tevora-threat / c2_reporter
  Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials
  ☆20Updated 4 years ago
• infosecn1nja / e2modrewrite
  Convert Empire profiles to Apache mod_rewrite scripts
  ☆28Updated 5 years ago
• cys3c / Siofra
  DLL hijacking vulnerability scanner and PE infector tool
  ☆17Updated 7 years ago
• ThunderGunExpress / Reflective_PSExec
  ☆45Updated 6 years ago
• ThunderGunExpress / Reflective_Schtasks
  ☆54Updated 6 years ago
• rmdavy / AmsiPEBWalkVBAx64
  ☆14Updated 4 years ago
• trustedsec / inProc_Evade_Get-InjectedThread
  PoC code from blog
  ☆16Updated 4 years ago
• med0x2e / RT-EWS
  A Powershell module including a couple of cmdlets for EWS Enum/Exploitation.
  ☆17Updated 5 years ago
• ThunderGunExpress / ThunderMSI
  ☆28Updated 7 years ago
• maaaaz / mimicertz
  A minimal safe version of mimikatz to only allow the export of non-exportable Windows certificates
  ☆25Updated 6 years ago
• djhohnstein / CSharpCreateThreadExample
  C# code to run PIC using CreateThread
  ☆16Updated 5 years ago
• G0ldenGunSec / wmiServSessEnum
  .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems
  ☆33Updated 5 years ago
• DimopoulosElias / SimpleMimikatzObfuscator
  A set of commands to bypass Defender (and some other AVs)
  ☆20Updated 5 years ago
• 3gstudent / SCTPersistence
  Create COM Objects backed by Scripts, not DLLs
  ☆9Updated 7 years ago
• vletoux / Bluekeep-scanner
  BlueKeep powershell scanner (based on c# code)
  ☆38Updated 5 years ago
• johnnyDEP / cobaltstrike
  cobalt strike stuff I have gathered from around github
  ☆31Updated 7 years ago
• NotoriousRebel / ConfigPersist
  Modifies machine.config for persistence after installing signed .net assembly onto GAC
  ☆12Updated 2 years ago
• dsnezhkov / RunDllMShim
  Run Managed Assemblies with RunDll
  ☆17Updated 6 years ago
• bohops / IISAppPoolCreds
  Retrieve the IIS Application Pool Credentials. Relies on the WebAdministration PowerShell Module.
  ☆14Updated 7 years ago
• Stealthbits / RIDHijackingProofofConceptKJ
  RID Hijacking Proof of Concept script by Kevin Joyce
  ☆15Updated 6 years ago
• djhohnstein / SharpEdge
  C# Implementation of Get-VaultCredential
  ☆13Updated 6 years ago
• slyd0g / SharpRoast-Parser
  Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.
  ☆32Updated 5 years ago
• limbenjamin / LogServiceCrash
  POC code to crash Windows Event Logger Service
  ☆26Updated 4 years ago
• vletoux / OxidBindings
  Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)
  ☆26Updated 4 years ago
• vysecurity / Invoke-ProcessScan
  Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.
  ☆42Updated 7 years ago