A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows
☆52Jun 14, 2021Updated 4 years ago
Alternatives and similar repositories for WindowsPermsPoC
Users that are interested in WindowsPermsPoC are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.☆17Jul 2, 2021Updated 4 years ago
- ☆23May 28, 2021Updated 4 years ago
- Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx☆15Apr 26, 2021Updated 5 years ago
- ☆24Sep 26, 2021Updated 4 years ago
- PoC for hiding PE exports☆67Dec 19, 2020Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆186Jul 21, 2022Updated 3 years ago
- CallBack-Techniques for Shellcode execution ported to Nim☆61Mar 19, 2021Updated 5 years ago
- Userland API Unhooker Project☆111Apr 4, 2026Updated 3 weeks ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆116Feb 27, 2021Updated 5 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- ☆100Sep 20, 2021Updated 4 years ago
- ☆28Dec 28, 2017Updated 8 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 3 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆123May 22, 2021Updated 4 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- The repository that complements the From zero to hero: creating a reflective loader in C# workshop☆40Oct 6, 2021Updated 4 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆243Jul 7, 2021Updated 4 years ago
- .NET 4.0 Scheduled Job Lateral Movement☆90Aug 25, 2020Updated 5 years ago
- JALSI - Just Another Lame Shellcode Injector☆30Aug 1, 2021Updated 4 years ago
- AmsiScanBufferBypass using D/Invoke☆136Jun 17, 2021Updated 4 years ago
- EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…☆290Mar 8, 2023Updated 3 years ago
- LittleCorporal: A C# Automated Maldoc Generator☆227Jul 30, 2021Updated 4 years ago
- PoC for UUID shellcode execution using DInvoke☆156Mar 8, 2021Updated 5 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆298Aug 18, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- SharpHook is an offensive API hooking tool designed to catch various credentials within the API call.☆320Jul 1, 2021Updated 4 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆195Jul 9, 2021Updated 4 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆257Dec 2, 2021Updated 4 years ago
- Firebase Domain Front Code☆21May 4, 2021Updated 4 years ago
- Collection of BOFs for Cobalt Strike☆32Mar 28, 2023Updated 3 years ago
- all credits go to @mgeeky☆65Oct 14, 2021Updated 4 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆108Mar 8, 2023Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆220Jul 14, 2021Updated 4 years ago
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆332Oct 9, 2021Updated 4 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- This aggressor script uses a beacon's note field to indicate the health status of a beacon.☆142Sep 29, 2021Updated 4 years ago
- Exploit to SYSTEM for CVE-2021-21551☆235May 20, 2021Updated 4 years ago
- AMSI Bypass Via the Heap☆107Nov 20, 2020Updated 5 years ago
- Bring your own print driver privilege escalation tool☆262Aug 5, 2021Updated 4 years ago
- A quick example of the Hells Gate technique in Nim☆93Aug 11, 2021Updated 4 years ago
- Move CS beacon to GPU memory when sleeping☆251Nov 19, 2021Updated 4 years ago
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆132Sep 12, 2021Updated 4 years ago