Meckazin / HidingFromETW
PoC for detecting and evading ETW detection of .Net Assembly.Load
☆18Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for HidingFromETW
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- Simple and sane cryptographic wrapper library.☆26Updated last year
- C# project to Reflectively load .Net assemblies in memory☆17Updated 4 months ago
- A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM☆18Updated 4 months ago
- Playing with PE's and Building Structures by Hand☆22Updated 2 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated last year
- ☆15Updated 3 months ago
- Remote code execution in Power Platform connectors via JSON deserialization☆19Updated last year
- ☆12Updated 2 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆28Updated 2 years ago
- Windows File Enumeration Intel Gathering Tool.☆17Updated last year
- PoC MSI payload based on ASEC/AhnLab's blog post☆22Updated 2 years ago
- Find world writable directories that contain a .exe or .dll file☆12Updated 3 years ago
- Cobalt Strike notifications via NTFY.☆13Updated last month
- ☆35Updated 5 months ago
- Extension functionality for the NightHawk operator client☆26Updated last year
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆17Updated last year
- Golang Implementation of Hell's gate☆15Updated last year
- Extension functionality for the NightHawk operator client☆26Updated last year
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Updated 2 years ago
- Loading and executing shellcode in C# without PInvoke.☆21Updated 2 years ago
- ☆45Updated 3 years ago
- ☆14Updated last year
- The Totally Legit Authentication Dialog☆12Updated last year
- Bunch of BOF files☆23Updated 8 months ago
- ☆24Updated 2 years ago
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆18Updated 3 years ago
- Execute embedded Mimikatz☆13Updated 2 years ago
- Extended Process List (Search functionality)☆27Updated 3 years ago