A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows
☆52Jun 14, 2021Updated 4 years ago
Alternatives and similar repositories for WindowsPermsPoC
Users that are interested in WindowsPermsPoC are comparing it to the libraries listed below
Sorting:
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.☆17Jul 2, 2021Updated 4 years ago
- ☆23May 28, 2021Updated 4 years ago
- Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx☆15Apr 26, 2021Updated 4 years ago
- ☆24Sep 26, 2021Updated 4 years ago
- PoC for hiding PE exports☆67Dec 19, 2020Updated 5 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆186Jul 21, 2022Updated 3 years ago
- CallBack-Techniques for Shellcode execution ported to Nim☆61Mar 19, 2021Updated 5 years ago
- Userland API Unhooker Project☆111Jun 14, 2021Updated 4 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆116Feb 27, 2021Updated 5 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- ☆99Sep 20, 2021Updated 4 years ago
- ☆28Dec 28, 2017Updated 8 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 2 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆123May 22, 2021Updated 4 years ago
- The repository that complements the From zero to hero: creating a reflective loader in C# workshop☆40Oct 6, 2021Updated 4 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆242Jul 7, 2021Updated 4 years ago
- .NET 4.0 Scheduled Job Lateral Movement☆90Aug 25, 2020Updated 5 years ago
- AmsiScanBufferBypass using D/Invoke☆136Jun 17, 2021Updated 4 years ago
- JALSI - Just Another Lame Shellcode Injector☆30Aug 1, 2021Updated 4 years ago
- EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…☆290Mar 8, 2023Updated 3 years ago
- LittleCorporal: A C# Automated Maldoc Generator☆227Jul 30, 2021Updated 4 years ago
- PoC for UUID shellcode execution using DInvoke☆155Mar 8, 2021Updated 5 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆297Aug 18, 2023Updated 2 years ago
- SharpHook is an offensive API hooking tool designed to catch various credentials within the API call.☆321Jul 1, 2021Updated 4 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆194Jul 9, 2021Updated 4 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆257Dec 2, 2021Updated 4 years ago
- Firebase Domain Front Code☆21May 4, 2021Updated 4 years ago
- Collection of BOFs for Cobalt Strike☆32Mar 28, 2023Updated 2 years ago
- all credits go to @mgeeky☆65Oct 14, 2021Updated 4 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆108Mar 8, 2023Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆220Jul 14, 2021Updated 4 years ago
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆334Oct 9, 2021Updated 4 years ago
- This aggressor script uses a beacon's note field to indicate the health status of a beacon.☆141Sep 29, 2021Updated 4 years ago
- Exploit to SYSTEM for CVE-2021-21551☆235May 20, 2021Updated 4 years ago
- Bring your own print driver privilege escalation tool☆261Aug 5, 2021Updated 4 years ago
- AMSI Bypass Via the Heap☆107Nov 20, 2020Updated 5 years ago
- A quick example of the Hells Gate technique in Nim☆93Aug 11, 2021Updated 4 years ago
- Move CS beacon to GPU memory when sleeping☆251Nov 19, 2021Updated 4 years ago
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆132Sep 12, 2021Updated 4 years ago