CICADA8-Research / MyMSIAnalyzerLinks
Analyse MSI files for vulnerabilities
☆137Updated 9 months ago
Alternatives and similar repositories for MyMSIAnalyzer
Users that are interested in MyMSIAnalyzer are comparing it to the libraries listed below
Sorting:
- ☆107Updated 7 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated 11 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆147Updated last year
- Source code and examples for PassiveAggression☆61Updated last year
- Stage 0☆161Updated 6 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- Situational Awareness script to identify how and where to run implants☆52Updated 6 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆201Updated last year
- ☆155Updated 6 months ago
- ☆132Updated 4 months ago
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆82Updated last year
- RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging☆193Updated 3 months ago
- ☆133Updated 3 months ago
- ☆119Updated last year
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆110Updated last month
- Windows Persistence IT-Security☆101Updated 3 months ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆84Updated 3 months ago
- ☆142Updated 7 months ago
- ☆180Updated 2 months ago
- A Mythic Agent written in PIC C.☆190Updated 4 months ago
- Persist like a Dodder☆61Updated last month
- Construct the payload at runtime using an array of offsets☆63Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆173Updated last month
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 2 months ago
- Impersonate Tokens using only NTAPI functions☆75Updated 2 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆92Updated last month
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆100Updated last year
- ☆177Updated 10 months ago
- Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers☆122Updated 9 months ago
- Example code samples from our ScriptBlock Smuggling Blog post☆91Updated last year