KINGSABRI / AssemblyLoader
Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly()
☆34Updated 3 years ago
Alternatives and similar repositories for AssemblyLoader:
Users that are interested in AssemblyLoader are comparing it to the libraries listed below
- A method to execute shellcode using RegisterWaitForInputIdle API.☆52Updated last year
- C# implementation of Get-AADIntSyncCredentials from AADInternals, which extracts Azure AD Connect credentials to AD and Azure AD from AAD…☆36Updated last year
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆50Updated 3 years ago
- Beacon Object Files (not Buffer Overflows)☆53Updated last year
- Cobalt Strike BOF for quser.exe implementation using Windows API☆83Updated last year
- Sliver agent rewritten in C++☆43Updated 4 months ago
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously☆31Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆83Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆30Updated last year
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆25Updated 2 years ago
- ProcExp Driver (Ab)use☆20Updated 2 years ago
- WhoAmI by asking the LDAP service on a domain controller.☆59Updated 2 years ago
- A BOF port of the research of @thefLinkk and @codewhitesec☆95Updated 3 years ago
- Active Directory certificate abuse.☆37Updated 2 years ago
- Tool to aid in dumping LSASS process remotely☆35Updated 5 months ago
- ☆29Updated 2 years ago
- ☆61Updated last week
- ☆39Updated 2 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆84Updated 2 years ago
- Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry☆26Updated 3 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆78Updated 2 years ago
- A VSCode plugin to assist with BOF development.☆32Updated 5 months ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆39Updated last year
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago
- C# Port of LdapRelayScan☆78Updated 2 years ago
- A third-party Gopher Assassin for the Havoc Framework.☆45Updated last year
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆31Updated 2 years ago
- ☆28Updated 7 months ago
- A simple BOF implementation of klist using Windows API☆30Updated 2 years ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆50Updated 2 years ago