EspressoCake / DLL_Version_Enumeration_BOF
A BOF for enumerating version information for DLLs associated for a Beacon process.
☆12Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for DLL_Version_Enumeration_BOF
- Dump Teams conversations☆17Updated 3 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon☆10Updated 3 years ago
- ☆24Updated 2 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆17Updated last year
- Remove API hooks from a Beacon process.☆12Updated 3 years ago
- Loads .NET Assembly Via CLR Loader☆14Updated 5 years ago
- Example of using Sleep to create better named pipes.☆41Updated last year
- A C port of b33f's UrbanBishop☆37Updated 4 years ago
- Extended Process List (Search functionality)☆27Updated 3 years ago
- ☆18Updated 2 years ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆15Updated 6 months ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆27Updated 3 years ago
- ☆14Updated 2 years ago
- Strstr with user-supplied needle and filename as a BOF.☆30Updated 3 years ago
- Simple Aggressor Scripts for Cobalt Strike☆11Updated 4 years ago
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind☆8Updated last year
- LoadLibrary for offensive operations☆32Updated 2 years ago
- ☆26Updated 4 years ago
- ☆29Updated 2 years ago
- A small example of loading BOFs in Python with pure reflection☆17Updated last year
- ☆18Updated 3 years ago
- Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted.☆10Updated 2 years ago
- ☆45Updated 3 years ago
- Some of my custom "tools".☆22Updated 2 years ago
- C# project to Reflectively load .Net assemblies in memory☆17Updated 4 months ago
- ☆38Updated last year
- A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM☆18Updated 4 months ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆14Updated 2 years ago
- Dangling COM Keys Finder☆14Updated 2 years ago