D4rthMaulCop / DumpKernel-S1Links
A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
☆20Updated 4 months ago
Alternatives and similar repositories for DumpKernel-S1
Users that are interested in DumpKernel-S1 are comparing it to the libraries listed below
Sorting:
- Scripts to interact with Microsoft Graph APIs☆43Updated 9 months ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Updated 6 months ago
- .NET port of Leron Gray's azbelt tool.☆26Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated last year
- rust port of pspy with support for process monitoring over dbus☆34Updated 2 months ago
- ☆47Updated 2 years ago
- ☆59Updated last year
- ☆19Updated 8 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆36Updated 4 months ago
- ☆23Updated last year
- Example of using Sleep to create better named pipes.☆41Updated 2 years ago
- Extension functionality for the NightHawk operator client☆27Updated last year
- RPC to WebClient startup☆34Updated last week
- Mythic C2 wrapper for NimSyscallPacker☆25Updated 5 months ago
- ☆48Updated 2 years ago
- Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.☆15Updated last year
- an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code☆21Updated 6 months ago
- in-process powershell runner for BRC4☆47Updated last year
- Extension functionality for the NightHawk operator client☆27Updated last year
- Items related to the RedELK workshop given at security conferences☆29Updated last year
- Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies☆38Updated last month
- Sniffing files generator☆59Updated 6 months ago
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆40Updated last year
- Enumerate the Domain for Readable and Writable Shares☆20Updated 6 months ago
- Threadless Injection Payload Toolkit☆13Updated last year
- Docker container for running CobaltStrike 4.7 and above☆22Updated 5 months ago
- ☆44Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated last year
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆43Updated last year
- An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data.☆26Updated 3 months ago