SilkETW & SilkService
☆40Aug 14, 2019Updated 6 years ago
Alternatives and similar repositories for BH-Arsenal-2019
Users that are interested in BH-Arsenal-2019 are comparing it to the libraries listed below
Sorting:
- My musings with C#☆28Dec 23, 2022Updated 3 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET☆149Feb 15, 2020Updated 6 years ago
- Implementation of the .NET Profiler DLL hijack in C#☆98Dec 14, 2018Updated 7 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆111Dec 26, 2018Updated 7 years ago
- Green shellcode challenge tools☆22Apr 9, 2019Updated 6 years ago
- Tool for injecting a "TCP Relay" managed assembly into unmanaged processes☆117May 23, 2019Updated 6 years ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆13Mar 17, 2022Updated 3 years ago
- My solutions for HackSys Extreme Vulnerable Driver☆12Apr 22, 2018Updated 7 years ago
- Hostile Dropboxes Management☆26Jan 8, 2020Updated 6 years ago
- Miscellaneous C-Sharp projects for red team activities☆24Aug 12, 2022Updated 3 years ago
- A tool for scanning registery key permissions. Find where non-admins can create symbolic links.☆45Oct 30, 2019Updated 6 years ago
- ☆14Aug 31, 2021Updated 4 years ago
- Apply a filter to the events being reported by windows event logging☆15Sep 10, 2020Updated 5 years ago
- Example of async client/server sockets in .NET 5☆17Jun 9, 2021Updated 4 years ago
- Exfiltrate data over screen interfaces☆58Nov 13, 2017Updated 8 years ago
- A small .NET compression utility☆58Feb 2, 2022Updated 4 years ago
- Windows Installer Bypass using Rollback Script .rbs and .rbf - Race Condition☆22May 24, 2019Updated 6 years ago
- ☆14Sep 22, 2019Updated 6 years ago
- ☆17Dec 1, 2019Updated 6 years ago
- Tool to acquire netNTLM hashes on a local machine wihtout network traffic☆13May 18, 2018Updated 7 years ago
- ☆36Mar 11, 2019Updated 6 years ago
- .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems☆36Dec 9, 2019Updated 6 years ago
- An Insider Threat Toolkit☆155Dec 17, 2018Updated 7 years ago
- ☆30Apr 24, 2019Updated 6 years ago
- ☆15Jul 5, 2019Updated 6 years ago
- Impacket Fork for Contributing and Sharing Our Knowledge about Windows☆66Sep 11, 2020Updated 5 years ago
- Cobalt Strike Field Manual - A quick reference for Windows commands that can be accessed in a beacon console.☆65Dec 27, 2017Updated 8 years ago
- Forward local or remote tcp ports through SMB pipes.☆296Mar 7, 2021Updated 4 years ago
- PowerView menu for Cobalt Strike☆70Mar 22, 2018Updated 7 years ago
- ☆53Oct 20, 2020Updated 5 years ago
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique☆52Dec 6, 2018Updated 7 years ago
- ☆71Nov 20, 2020Updated 5 years ago
- A C# tool for enumerating remote access policies through group policy.☆73Apr 18, 2019Updated 6 years ago
- A repo to document API functions mapped to security events across diverse platforms☆74Nov 1, 2019Updated 6 years ago
- Collection of scripts for interacting with AD Kerberos from Linux☆72Apr 22, 2018Updated 7 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post☆129May 25, 2021Updated 4 years ago
- SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.☆110Jan 20, 2021Updated 5 years ago
- ☆825Jun 1, 2023Updated 2 years ago
- Repository for my ATT&CK analysis research.☆71May 16, 2019Updated 6 years ago