Kudaes / MFToolLinks
Direct access to NTFS volumes
☆273Updated 3 weeks ago
Alternatives and similar repositories for MFTool
Users that are interested in MFTool are comparing it to the libraries listed below
Sorting:
- Obex – Blocking unwanted DLLs in user mode☆123Updated 2 weeks ago
- A Mythic Agent written in PIC C.☆200Updated 8 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆155Updated 2 months ago
- ☆203Updated last year
- A PoC for Early Cascade process injection technique.☆194Updated 8 months ago
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆166Updated 9 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆167Updated 5 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆209Updated last year
- ☆120Updated 6 months ago
- early cascade injection PoC based on Outflanks blog post☆231Updated 11 months ago
- Slides & Code snippets for a workshop held @ x33fcon 2024☆271Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆192Updated 10 months ago
- ☆158Updated 3 months ago
- This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.☆233Updated 3 weeks ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆255Updated 5 months ago
- A PowerShell console in C/C++ with all the security features disabled☆276Updated 4 months ago
- Bypass user-land hooks by syscall tampering via the Trap Flag☆123Updated last month
- Stage 0☆164Updated 9 months ago
- Activation Context Hijack☆169Updated 2 months ago
- Windows protocol library, including SMB and RPC implementations, among others.☆344Updated last week
- ☆161Updated 8 months ago
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆291Updated last month
- ForsHops☆149Updated 6 months ago
- Ghosting-AMSI☆218Updated 5 months ago
- ☆158Updated 9 months ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆207Updated 9 months ago
- Group Policy Objects manipulation and exploitation framework☆251Updated last month
- A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.☆160Updated last year
- Weaponizing DCOM for NTLM Authentication Coercions☆164Updated 3 months ago
- Windows rootkit designed to work with BYOVD exploits☆208Updated 8 months ago