MayerDaniel / profiler-lateral-movementView external linksLinks
Lateral Movement via the .NET Profiler
☆100Nov 21, 2024Updated last year
Alternatives and similar repositories for profiler-lateral-movement
Users that are interested in profiler-lateral-movement are comparing it to the libraries listed below
Sorting:
- Modified versions of the Cobalt Strike Process Injection Kit☆105Jan 24, 2024Updated 2 years ago
- Bypass LSA protection using the BYODLL technique☆171Sep 21, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆280Sep 18, 2024Updated last year
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- A set of programs for analyzing common vulnerabilities in COM☆245Sep 8, 2024Updated last year
- ☆151Oct 2, 2023Updated 2 years ago
- Automated .NET AppDomain hijack payload generation☆129Feb 4, 2025Updated last year
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- ☆102Sep 5, 2024Updated last year
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆259Jun 29, 2024Updated last year
- ☆92May 15, 2024Updated last year
- Lockless BOF☆79May 2, 2025Updated 9 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆635May 8, 2025Updated 9 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- Fileless atexec, no more need for port 445☆404Mar 28, 2024Updated last year
- Local & remote Windows DLL Proxying☆170Jun 17, 2024Updated last year
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆186Mar 4, 2024Updated last year
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆167May 30, 2024Updated last year
- Repository to gather the .NET malware I will be developing☆18Mar 23, 2025Updated 10 months ago
- A Mythic Agent written in PIC C.☆206Feb 4, 2025Updated last year
- TypeLib persistence technique☆139Oct 22, 2024Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- Extracting NetNTLM without touching lsass.exe☆242Nov 27, 2023Updated 2 years ago
- For when DLLMain is the only way☆423Oct 29, 2024Updated last year
- Hide your P/Invoke signatures through other people's signed assemblies☆211Mar 10, 2024Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆326Jun 18, 2023Updated 2 years ago
- MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.☆336Aug 7, 2024Updated last year
- ☆259Jan 21, 2024Updated 2 years ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆249Jun 11, 2024Updated last year
- Host CLR and run .NET binaries using Rust☆149Dec 23, 2025Updated last month
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- An App Domain Manager Injection DLL PoC on steroids☆210Dec 14, 2023Updated 2 years ago
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆540Nov 23, 2025Updated 2 months ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆432Dec 21, 2023Updated 2 years ago
- ☆64May 31, 2024Updated last year
- Example code samples from our ScriptBlock Smuggling Blog post☆94Jun 18, 2024Updated last year
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆184Mar 14, 2025Updated 11 months ago