Meowmycks / catdumperLinks
LSASS Credential Dumper that utilizes the Windows API, in-memory RC4 encryption and Base64 encoding, and HTTPS exfiltration.
☆10Updated last year
Alternatives and similar repositories for catdumper
Users that are interested in catdumper are comparing it to the libraries listed below
Sorting:
- Remap ntdll.dll using only NTAPI functions with a suspended process☆21Updated 2 months ago
- ☆11Updated 4 months ago
- A lexer and parser for Sleep☆20Updated last month
- Cortex EDR Ransomware protection Bypass☆24Updated 4 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 9 months ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆15Updated 3 months ago
- AIDA64DRIVER Elevation of Privilege Vulnerability☆13Updated 8 months ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆20Updated 2 months ago
- ☆18Updated 8 months ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆15Updated 2 years ago
- ☆10Updated 5 months ago
- Just another Process Injection using Process Hollowing technique.☆17Updated last year
- A simple BOF that disables some logging with NtSetInformationProcess☆13Updated last year
- Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.☆14Updated last year
- Extension functionality for the NightHawk operator client☆27Updated last year
- Misery Loader to bypass modern EDR solutions☆11Updated 6 months ago
- BOF for C2 framework☆41Updated 7 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆32Updated last year
- A simple rpc2socks alternative in pure Go.☆28Updated 11 months ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆19Updated last year
- A pure C version of SymProcAddress☆27Updated last year
- Parent Process ID Spoofing, coded in CGo.☆22Updated 2 months ago
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆22Updated last year
- A simple website to act as a store for havoc modules and extensions☆27Updated 5 months ago
- ☆12Updated last year
- ☆27Updated 5 months ago
- A utility that can be used to launch an executable with a DLL injected☆20Updated last year
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆14Updated last year
- A bunch of shenanigans using functions, VEH and more☆24Updated 2 weeks ago