KnicKnic / native-powershellLinks
A C DLL that can control powershell
☆48Updated 5 years ago
Alternatives and similar repositories for native-powershell
Users that are interested in native-powershell are comparing it to the libraries listed below
Sorting:
- Info on how to use Kerberos KDC on a non-domain joined host☆47Updated last year
- List the ETW provider(s) in the registration table of a process.☆62Updated last year
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆17Updated last year
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆79Updated 2 months ago
- A persistant Windows Service Proof of Concept, where the Service will run after Restart or Shutdown, and invoke a given software executab…☆38Updated last year
- A C# implementation of dumping credentials from Windows Credential Manager☆60Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆60Updated 9 months ago
- Submission, compilation and execution of C# code snippets, using an unmanaged CLR Host☆54Updated 10 years ago
- Playing with packets in C#☆15Updated last year
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆65Updated 2 years ago
- A small NtCreateUserProcess PoC that spawns a Command prompt.☆98Updated 3 years ago
- Just another ntdll unhooking using Parun's Fart technique☆75Updated 2 years ago
- A Patchless AMSI Bypass Technique using VEH²☆27Updated 2 months ago
- Fork of Get-InjectedThread - https://gist.github.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2☆45Updated last year
- ☆28Updated 2 years ago
- Reflective DLL self-loading as a library☆22Updated 3 months ago
- Example of building an application verifer DLL☆50Updated last year
- PS-MOTW: PowerShell scripts to set / show / remove MOTW (Mark of the Web)☆43Updated last year
- Exploiting the KsecDD Windows driver through Server Silos☆73Updated 9 months ago
- ☆83Updated last year
- ACL Viewer for Windows☆128Updated 3 months ago
- Win32 keylogger that supports all (non-ime using) languages correctly☆51Updated last year
- example using NtCreateUserProcess in rust☆19Updated 7 months ago
- ☆84Updated 11 months ago
- Tool for playing with Windows Access Token manipulation.☆55Updated 2 years ago
- Get your data from the resource section manually, with no need for windows apis☆64Updated 10 months ago
- a stage1 DLL loader with sleep obfuscation☆37Updated 2 years ago
- Finding Truth in the Shadows☆116Updated 2 years ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆73Updated last year
- a tiny program to consume from ETW providers for research☆51Updated 7 months ago