EspressoCake / DLL_Version_Enumeration_BOF
A BOF for enumerating version information for DLLs associated for a Beacon process.
☆12Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for DLL_Version_Enumeration_BOF
- Dump Teams conversations☆17Updated 3 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon☆10Updated 4 years ago
- ☆24Updated 2 years ago
- ☆45Updated 3 years ago
- Loads .NET Assembly Via CLR Loader☆14Updated 5 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆17Updated last year
- C# project to Reflectively load .Net assemblies in memory☆17Updated 5 months ago
- A small example of loading BOFs in Python with pure reflection☆17Updated last year
- Example of using Sleep to create better named pipes.☆41Updated last year
- Simple Aggressor Scripts for Cobalt Strike☆11Updated 4 years ago
- Extended Process List (Search functionality)☆27Updated 3 years ago
- Remove API hooks from a Beacon process.☆12Updated 3 years ago
- Strstr with user-supplied needle and filename as a BOF.☆30Updated 3 years ago
- A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM☆18Updated 5 months ago
- ☆26Updated 4 years ago
- ☆18Updated 2 years ago
- ☆18Updated 3 years ago
- Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted.☆10Updated 2 years ago
- A C port of b33f's UrbanBishop☆37Updated 4 years ago
- Disable PPL via custom driver and dump lsass☆13Updated 3 years ago
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind☆8Updated last year
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆27Updated 3 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆18Updated 3 years ago
- A tool for leveraging elevated acess over a computer to boot the computer into Windows Safe Mode, alter settings, and then boot back into…☆15Updated 3 years ago
- C# code to run PIC using CreateThread☆16Updated 5 years ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆15Updated 6 months ago
- ☆22Updated 6 months ago
- ☆38Updated last year