Leo4j / Invoke-RunAsSystem
A simple script to elevate current session to SYSTEM (needs to be run as Administrator)
☆13Updated 4 months ago
Alternatives and similar repositories for Invoke-RunAsSystem:
Users that are interested in Invoke-RunAsSystem are comparing it to the libraries listed below
- Extension functionality for the NightHawk operator client☆27Updated last year
- A simple website to act as a store for havoc modules and extensions☆25Updated 2 months ago
- C# API for Nidhogg rootkit☆17Updated 11 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆30Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆30Updated last year
- .NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.☆21Updated 6 years ago
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously☆31Updated 2 years ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆39Updated last year
- C# project to Reflectively load .Net assemblies in memory☆17Updated 9 months ago
- A python port of CCob's ThreadlessInject☆25Updated 2 years ago
- Self Delete DLL☆23Updated last year
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆41Updated 10 months ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆27Updated 4 years ago
- Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly()☆34Updated 4 years ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 6 months ago
- .NET port of Leron Gray's azbelt tool.☆26Updated last year
- A simple rpc2socks alternative in pure Go.☆28Updated 8 months ago
- Small POC for process ghosting☆39Updated 3 years ago
- LSTAR - CobaltStrike Translated to EN☆13Updated last year
- Tool to aid in dumping LSASS process remotely☆38Updated 8 months ago
- Enumerate the Domain for Readable and Writable Shares☆17Updated last month
- A collection of random small Aggressor snippets that don't warrant their own repo☆23Updated 2 years ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆21Updated last year
- Beacon Object File implementation of Yaxser's Backstab☆15Updated 3 years ago
- PoC to self-delete a binary in C#☆31Updated last year
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆27Updated 3 years ago
- ☆20Updated 9 months ago
- Extracting Clear Text Passwords from mstsc.exe using API Hooking.☆16Updated 5 years ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆18Updated 2 years ago
- Admin2Sys it's a C++ malware to escalate privileges from Administrator account to NT AUTORITY SYSTEM☆52Updated last year