PoC for using MS Windows printers for persistence / command and control via Internet Printing
☆150May 3, 2024Updated last year
Alternatives and similar repositories for IPPrintC2
Users that are interested in IPPrintC2 are comparing it to the libraries listed below
Sorting:
- Inject DLLs into the explorer process using icons☆408May 18, 2025Updated 9 months ago
- Local & remote Windows DLL Proxying☆169Jun 17, 2024Updated last year
- Simulate the behavior of AV/EDR for malware development training.☆561Feb 15, 2024Updated 2 years ago
- A C# port from Invoke-GhostTask☆120Jan 5, 2024Updated 2 years ago
- .net config loader☆348Nov 9, 2023Updated 2 years ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆592Jun 12, 2024Updated last year
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago
- An interactive shell to spoof some LOLBins command line☆188Jan 27, 2024Updated 2 years ago
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆289May 27, 2024Updated last year
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆87Apr 11, 2023Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆409Jan 11, 2026Updated last month
- ☆59Oct 24, 2024Updated last year
- AAD related enumeration in Nim☆132Sep 7, 2023Updated 2 years ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆190Mar 4, 2024Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆211Jun 10, 2024Updated last year
- Tools for analyzing EDR agents☆277Jun 10, 2024Updated last year
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- ☆80Apr 23, 2024Updated last year
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Oct 9, 2024Updated last year
- ☆568Mar 28, 2024Updated last year
- A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented b…☆441May 29, 2024Updated last year
- ☆84May 19, 2024Updated last year
- Click Once + App Domain☆64Feb 23, 2026Updated last week
- ☆307Mar 15, 2025Updated 11 months ago
- A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.☆172May 13, 2024Updated last year
- Python tool to check rootkits in Windows kernel☆207Aug 20, 2025Updated 6 months ago
- Execute shellcode files with rundll32☆216Jan 28, 2024Updated 2 years ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆638May 8, 2025Updated 9 months ago
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Mar 27, 2025Updated 11 months ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 9 months ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆285Jun 8, 2023Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- ☆189Jan 23, 2024Updated 2 years ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆503Dec 19, 2023Updated 2 years ago
- ☆109Feb 17, 2025Updated last year
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆204Dec 27, 2023Updated 2 years ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆168May 30, 2024Updated last year
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year