MathildeVenault / TheRestarterLinks
Released alongside with a talk at REcon 2023, TheRestarter is an interactive command-line tool is designed to interact with the Windows Restart Manager.
☆15Updated 2 years ago
Alternatives and similar repositories for TheRestarter
Users that are interested in TheRestarter are comparing it to the libraries listed below
Sorting:
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆70Updated 3 years ago
- Simple and sane cryptographic wrapper library.☆27Updated 2 years ago
- Extension functionality for the NightHawk operator client☆26Updated 2 years ago
- ☆17Updated 2 years ago
- A simple PE loader.☆27Updated 3 years ago
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously☆31Updated 2 years ago
- Playing with PE's and Building Structures by Hand☆22Updated 3 years ago
- The repository accompanying the Buer Emulation workshop☆23Updated 4 years ago
- A C# port of the MinHook API hooking library☆56Updated 3 years ago
- Small tool to play with IOCs caused by Imageload events☆44Updated 2 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆34Updated 3 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆41Updated 5 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆52Updated 4 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Updated 2 years ago
- A simple Linux in-memory .so loader☆33Updated 2 years ago
- ☆38Updated 2 years ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Updated 9 months ago
- This tool parses NTDLL.DLL, extracts all the syscall numbers and helps in making direct syscalls, in order to help evasion.☆15Updated 3 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 5 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 3 years ago
- Offensive RPC PoC☆88Updated 4 years ago
- DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64)☆28Updated 5 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆32Updated 3 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆53Updated 5 years ago
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆17Updated last year
- ☆30Updated 5 months ago
- A small example of loading BOFs in Python with pure reflection☆19Updated 3 years ago
- ☆48Updated 4 years ago
- API Hammering with C++20☆49Updated 3 years ago