KnicKnic / native-powershellLinks
A C DLL that can control powershell
☆50Updated 5 years ago
Alternatives and similar repositories for native-powershell
Users that are interested in native-powershell are comparing it to the libraries listed below
Sorting:
- Info on how to use Kerberos KDC on a non-domain joined host☆48Updated last year
- Submission, compilation and execution of C# code snippets, using an unmanaged CLR Host☆53Updated 10 years ago
- A C# implementation of dumping credentials from Windows Credential Manager☆60Updated 2 years ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆17Updated last year
- A Patchless AMSI Bypass Technique using VEH²☆29Updated 5 months ago
- Fork of Get-InjectedThread - https://gist.github.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2☆46Updated 2 years ago
- Just another ntdll unhooking using Parun's Fart technique☆75Updated 2 years ago
- Reflective DLL self-loading as a library☆21Updated 7 months ago
- early cascade injection PoC based on Outflanks blog post, in rust☆61Updated last year
- List the ETW provider(s) in the registration table of a process.☆63Updated 2 years ago
- Rust PowerShell Hosting Library☆16Updated last month
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆78Updated 5 months ago
- A small NtCreateUserProcess PoC that spawns a Command prompt.☆100Updated 3 years ago
- Create file system symbolic links from low privileged user accounts within PowerShell☆93Updated 3 years ago
- ☆39Updated 3 years ago
- Win32 keylogger that supports all (non-ime using) languages correctly☆53Updated last year
- Load and execute a common object file format (COFF) in the current process☆32Updated last year
- Enable EFS service as low priv user (PE & BOF)☆21Updated 4 months ago
- a tiny program to consume from ETW providers for research☆53Updated 10 months ago
- example using NtCreateUserProcess in rust☆19Updated 10 months ago
- ☆29Updated 3 years ago
- ☆36Updated last month
- Playing with packets in C#☆15Updated last year
- A persistant Windows Service Proof of Concept, where the Service will run after Restart or Shutdown, and invoke a given software executab…☆38Updated 2 years ago
- Tool for playing with Windows Access Token manipulation.☆82Updated 3 years ago
- Deleting Shadow Copies In Pure C++☆116Updated 3 years ago
- Callstack spoofing using a VEH because VEH all the things.☆23Updated 8 months ago
- Extensible Position Independent Code – shellcode (C/C++) development and building toolkit designed for developer experience, predictabili…☆97Updated 3 weeks ago
- Runs programs as TrustedInstaller☆49Updated 6 years ago
- a stage1 DLL loader with sleep obfuscation☆36Updated 2 years ago