Leo4j / Invoke-RunAsSystem

Related projects: ⓘ

• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated 10 months ago
• Offensive-Panda / C2_Elevated_Shell_DLL_Hijcking
  DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…
  ☆35Updated 4 months ago
• deepinstinct / VSTO-POC
  A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously
  ☆23Updated last year
• knight0x07 / Lnk2Vbs
  A Python script that embeds Target VBS into LNK and when executed runs the VBS script from within.
  ☆31Updated last year
• rkbennett / pyThreadlessInject
  A python port of CCob's ThreadlessInject
  ☆26Updated last year
• Tylous / Ivy
  Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …
  ☆17Updated last year
• reznok / MemoryLoader
  A .NET binary loader that bypasses AMSI
  ☆44Updated 3 years ago
• GetRektBoy724 / SharpLoadLibrary
  An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.
  ☆53Updated 2 years ago
• passthehashbrowns / DInvokeProcessHollowing
  ☆26Updated 4 years ago
• Kara-4search / FullDLLUnhooking_CSharp
  Unhook DLL via cleaning the DLL 's .text section
  ☆9Updated 3 years ago
• realoriginal / krbdump
  A way to extract tickets in case I need to purge and restore tickets on the fly.
  ☆15Updated 4 months ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆34Updated 2 years ago
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆31Updated last year
• Mr-Un1k0d3r / BOFCode
  Bunch of BOF files
  ☆21Updated 7 months ago
• VirtualAlllocEx / DSC_SVC_REMOTE
  This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…
  ☆50Updated last year
• D1rkMtr / sysPPIDspoofing
  ☆24Updated this week
• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆79Updated last year
• mobdk / Sigma
  Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx
  ☆14Updated 3 years ago
• plackyhacker / AMSI-Bypass
  Another AMSI bypass - but in C++.
  ☆25Updated last year
• Wra7h / PowerShell-Scripts
  ☆12Updated this week
• GetRektBoy724 / SysGate
  One gate to all syscalls!
  ☆23Updated 2 years ago
• rbmm / SDD
  Self Delete DLL
  ☆23Updated 7 months ago
• D1rkMtr / ChTimeStamp
  ☆53Updated this week
• VirtualAlllocEx / Create_Thread_Inline_Assembly_x86
  This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly
  ☆17Updated last year
• KingOfTheNOPs / EnableWebDAVClient-BOF
  Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts
  ☆17Updated last year
• ps1337 / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆25Updated 2 years ago
• KINGSABRI / AssemblyLoader
  Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly()
  ☆32Updated 3 years ago
• jnqpblc / SharpReg
  SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.
  ☆26Updated 4 years ago
• LethalSnake1337 / PE-Loader-exercise
  A simple PE loader.
  ☆25Updated last year
• NUL0x4C / EntropyFix
  ☆50Updated this week