ChoiSG / bin2sideload
☆10Updated last year
Related projects ⓘ
Alternatives and complementary repositories for bin2sideload
- Rewrite to fit my needs☆26Updated 4 months ago
- Modified versions of the Cobalt Strike Process Injection Kit☆88Updated 10 months ago
- ☆59Updated 4 months ago
- Cobalt Strike UDRL for memory scanner evasion.☆36Updated 11 months ago
- BOF for C2 framework☆40Updated 2 weeks ago
- ☆92Updated 9 months ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆30Updated last year
- in-process powershell runner for BRC4☆37Updated last year
- Sniffing files generator☆40Updated last week
- ☆87Updated 2 months ago
- ☆46Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆73Updated last month
- Lateral Movement via the .NET Profiler☆76Updated this week
- Beacon Object Files (BOF) for Cobalt Strike.☆28Updated 3 months ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆38Updated last year
- DFSCoerce exe revisited version with custom authentication☆37Updated 10 months ago
- ProcExp Driver (Ab)use☆20Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 4 months ago
- Using LNK files and user input simulation to start processes under explorer.exe☆23Updated 2 months ago
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Updated 11 months ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆37Updated 10 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆149Updated last year
- Windows Thread Pool Injection Havoc Implementation☆28Updated 8 months ago
- ☆28Updated 5 months ago
- Click Once + App Domain☆62Updated 11 months ago
- ☆79Updated 6 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆30Updated 6 months ago
- ☆119Updated last year
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆66Updated last year