Hacker-Hermanos / NetRunners
Reflective shellcode runners using obfuscated Win32 APIs in C# and C++ (GetProcAddress & GetModuleHandle). For penetration testing.
☆11Updated 6 months ago
Related projects ⓘ
Alternatives and complementary repositories for NetRunners
- CipherRun is an ethical hacking tool used to execute shellcode easily while bypassing antivirus solutions.☆12Updated 9 months ago
- Enumerate the Domain for Readable and Writable Shares☆16Updated 5 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated 5 months ago
- Create PDFs with HTML smuggling attachments that save on opening the document.☆27Updated last year
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.☆11Updated 2 years ago
- A repo of scripts I find helpful for daily tasks.☆26Updated 6 months ago
- Brief writeup of post exploitation methodologies.☆17Updated last year
- A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.☆12Updated last year
- This repository focuses on replicating the behavioral patterns observed in well-documented APT campaigns.�☆10Updated last year
- ☆37Updated 3 weeks ago
- A repository with my code snippets for research/education purposes.☆50Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆22Updated 2 months ago
- Lifetime AMSI bypass.☆36Updated 4 months ago
- string/file/shellcode encryptor using AES/XOR☆11Updated last year
- Items related to the RedELK workshop given at security conferences☆27Updated last year
- Token Elevation to authorized user as SYSTEM or Domain Admins☆23Updated last year
- ☆25Updated last year
- Tool for issuing manual LDAP queries which offers bofhound compatible output☆15Updated 2 months ago
- A solution to create obfuscated shellcode from msfvenom for PowerShell.☆23Updated 2 years ago
- Scripts for public use that we've randomly written, or have updated from other people's work.☆38Updated 4 months ago
- A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.☆17Updated 2 years ago
- Extra cmdlets to help with quering security related information from Azure☆13Updated 2 months ago
- a port of privkit bof for havoc☆22Updated 11 months ago
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆11Updated 6 months ago
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆55Updated 11 months ago
- A pure C version of SymProcAddress☆23Updated 8 months ago
- Scripts to interact with Microsoft Graph APIs☆31Updated 2 weeks ago
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Updated 11 months ago
- Minimal Windows Service Template for demonstrating privilege escalation via weak service executable permissions☆13Updated 2 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 4 months ago