Lateral Movement via the .NET Profiler
☆100Nov 21, 2024Updated last year
Alternatives and similar repositories for profiler-lateral-movement
Users that are interested in profiler-lateral-movement are comparing it to the libraries listed below
Sorting:
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- Bypass LSA protection using the BYODLL technique☆172Sep 21, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- A set of programs for analyzing common vulnerabilities in COM☆249Sep 8, 2024Updated last year
- ☆152Oct 2, 2023Updated 2 years ago
- Automated .NET AppDomain hijack payload generation☆129Feb 4, 2025Updated last year
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆261Jun 29, 2024Updated last year
- ☆92May 15, 2024Updated last year
- Position-independent Reflective Loader for macOS☆118Feb 19, 2026Updated 2 weeks ago
- Lockless BOF☆79May 2, 2025Updated 10 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆637May 8, 2025Updated 9 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- Fileless atexec, no more need for port 445☆404Mar 28, 2024Updated last year
- Local & remote Windows DLL Proxying☆169Jun 17, 2024Updated last year
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆190Mar 4, 2024Updated 2 years ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆169May 30, 2024Updated last year
- Repository to gather the .NET malware I will be developing☆18Mar 23, 2025Updated 11 months ago
- TypeLib persistence technique☆140Oct 22, 2024Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- A Mythic Agent written in PIC C.☆206Feb 4, 2025Updated last year
- Extracting NetNTLM without touching lsass.exe☆244Nov 27, 2023Updated 2 years ago
- For when DLLMain is the only way☆424Oct 29, 2024Updated last year
- Hide your P/Invoke signatures through other people's signed assemblies☆211Mar 10, 2024Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆325Jun 18, 2023Updated 2 years ago
- MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.☆336Aug 7, 2024Updated last year
- PoC demonstrating a multi process injection chain aimed at remotely executing shellcode☆259Jan 21, 2024Updated 2 years ago
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆250Jun 11, 2024Updated last year
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- Host CLR and run .NET binaries using Rust☆151Dec 23, 2025Updated 2 months ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆435Dec 21, 2023Updated 2 years ago
- An App Domain Manager Injection DLL PoC on steroids☆212Dec 14, 2023Updated 2 years ago
- ☆63May 31, 2024Updated last year
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆549Nov 23, 2025Updated 3 months ago
- Example code samples from our ScriptBlock Smuggling Blog post☆95Jun 18, 2024Updated last year
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆186Mar 14, 2025Updated 11 months ago