IBM RedCON 2020 - Throwing an AquaWrench into the Kernel
☆44Aug 25, 2020Updated 5 years ago
Alternatives and similar repositories for IBM-RedCON-2020
Users that are interested in IBM-RedCON-2020 are comparing it to the libraries listed below
Sorting:
- Automation Engine using the Covenant API and lua scripting☆24Dec 8, 2022Updated 3 years ago
- C# project to create or modify existing LNKs☆54Oct 18, 2022Updated 3 years ago
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly☆59Apr 1, 2022Updated 3 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- Evading WinDefender ATP credential-theft☆255Dec 2, 2019Updated 6 years ago
- NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)☆118Jun 7, 2023Updated 2 years ago
- Injection of MSIL using Cecil☆12Jul 28, 2015Updated 10 years ago
- ☆30Nov 7, 2022Updated 3 years ago
- ☆31Jul 27, 2020Updated 5 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- ☆164Dec 30, 2022Updated 3 years ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆13Jul 16, 2025Updated 7 months ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆244Jul 14, 2021Updated 4 years ago
- dem sharp donuts☆202Sep 11, 2022Updated 3 years ago
- Tool for interacting with outlook interop during red team engagements☆146Jun 29, 2021Updated 4 years ago
- Run shellcode through InnoSetup code engine.☆74Jun 22, 2023Updated 2 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Nov 14, 2020Updated 5 years ago
- Lockless allows for the copying of locked files.☆253Apr 30, 2021Updated 4 years ago
- A "no frills" 1 class-only, C# .NET command line parser with support for - and / args, switches only, and Name : Values☆34Jan 20, 2026Updated last month
- Small utility to chunk up a large BloodHound JSON file into smaller files for importing.☆97Apr 13, 2023Updated 2 years ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 6 years ago
- Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely☆425Jul 27, 2022Updated 3 years ago
- Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)☆426Apr 22, 2021Updated 4 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆42May 9, 2019Updated 6 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆41Aug 6, 2021Updated 4 years ago
- Bring your own print driver privilege escalation tool☆259Aug 5, 2021Updated 4 years ago
- Apply a filter to the events being reported by windows event logging☆262Apr 24, 2021Updated 4 years ago
- A simple POC to demonstrate the power of .NET debugging for injection☆73Aug 11, 2020Updated 5 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆123May 22, 2021Updated 4 years ago
- Simple and sane cryptographic wrapper library.☆27Apr 21, 2023Updated 2 years ago
- Terraform script to deploy AD-based environment on Azure☆41Apr 22, 2023Updated 2 years ago
- x64 Windows privilege elevation using anycall☆22May 28, 2021Updated 4 years ago
- Expriments☆478Oct 3, 2024Updated last year
- ☆42Aug 10, 2019Updated 6 years ago
- SharpBuster is a C# implementation of a directory brute forcing tool. It's designed to be used via Cobalt Strike's execute-assembly and s…☆63Sep 2, 2020Updated 5 years ago
- Automated compiler obfuscation for nim☆139Jun 27, 2022Updated 3 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆220May 3, 2023Updated 2 years ago
- Send and receive messages over Named Pipes asynchronously.☆39Sep 17, 2021Updated 4 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year