Cobalt-Strike / ProxyDLLExample
code for the Proxy DLL example blog post
☆60Updated 3 years ago
Alternatives and similar repositories for ProxyDLLExample:
Users that are interested in ProxyDLLExample are comparing it to the libraries listed below
- A BOF to interact with COM objects associated with the Windows software firewall.☆102Updated 3 years ago
- A BOF to parse the imports of a provided PE-file, optionally extracting symbols on a per-dll basis.☆85Updated 3 years ago
- ☆55Updated 3 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆52Updated 3 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆52Updated 4 years ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆56Updated 2 years ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆83Updated 2 years ago
- Remove API hooks from a Beacon process.☆56Updated 2 years ago
- A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.☆47Updated 4 years ago
- ☆142Updated 2 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆98Updated 3 years ago
- .NET project for installing Persistence☆64Updated 3 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆85Updated 2 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆100Updated 2 years ago
- A recreation of the "Nobelium" malware based on Microsofts Malware analysis - Part 1: PDF2Pwn☆100Updated 2 years ago
- Smart Card PIN swiping DLL☆76Updated 4 years ago
- all credits go to @mgeeky☆59Updated 3 years ago
- ☆93Updated 2 years ago
- Process Monitor filter for finding privilege escalation vulnerabilities on Windows☆78Updated 3 years ago
- Rewrote HellsGate in C# for fun and learning☆86Updated 3 years ago
- Unchain AMSI by patching the provider�’s unmonitored memory space☆88Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆78Updated 2 years ago
- DInvisibleRegistry☆81Updated 4 years ago
- Simple APPLocker bypass summary☆40Updated 6 years ago
- IOXIDResolver from AirBus Security/PingCastle☆47Updated 4 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆122Updated 2 years ago
- ☆88Updated 2 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆65Updated 8 months ago
- A fake AMSI Provider which can be used for persistence.☆147Updated 3 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆70Updated 4 years ago