Mr-Un1k0d3r / WindowsDllsExport

Related projects: ⓘ

• Wh04m1001 / IDiagnosticProfileUAC
  ☆176Updated 2 years ago
• jfmaes / Invoke-DLLClone
  Koppeling x Metatwin x LazySign
  ☆200Updated 3 years ago
• cube0x0 / ParallelSyscalls
  C# version of MDSec's ParallelSyscalls
  ☆138Updated 2 years ago
• sailay1996 / CdpSvcLPE
  Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)
  ☆247Updated 2 years ago
• jfmaes / AmsiHooker
  Hookers are cooler than patches.
  ☆167Updated 2 years ago
• OmriBaso / RToolZ
  A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.
  ☆309Updated last year
• xforcered / InlineExecute-Assembly
  InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…
  ☆182Updated 3 years ago
• Flangvik / DLLSideloader
  PowerShell script to generate "proxy" counterparts to easily perform DLL Sideloading
  ☆113Updated 5 years ago
• cube0x0 / MiniDump
  C# Lsass parser
  ☆277Updated 2 years ago
• D1rkMtr / ExecRemoteAssembly
  ☆245Updated this week
• subat0mik / whoamsi
  An effort to track security vendors' use of Microsoft's Antimalware Scan Interface
  ☆227Updated 2 years ago
• waldo-irc / YouMayPasser
  You shall pass
  ☆241Updated 2 years ago
• pracsec / AmsiBypassHookManagedAPI
  A new AMSI Bypass technique using .NET ALI Call Hooking.
  ☆179Updated last year
• xforcered / CredBandit
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆229Updated 3 years ago
• boku7 / Ninja_UUID_Runner
  Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!
  ☆430Updated last year
• APTortellini / DefenderSwitch
  Stop Windows Defender using the Win32 API
  ☆186Updated 2 years ago
• snovvcrash / NimHollow
  ☆228Updated this week
• Sh0ckFR / InlineWhispers2
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
  ☆177Updated 2 years ago
• FULLSHADE / Jektor
  ☆146Updated this week
• cube0x0 / CVE-2021-36934
  ☆269Updated this week
• med0x2e / NoAmci
  Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().
  ☆213Updated 4 years ago
• bats3c / EvtMute
  Apply a filter to the events being reported by windows event logging
  ☆259Updated 3 years ago
• N4kedTurtle / PersistBOF
  A BOF to automate common persistence tasks for red teamers
  ☆263Updated last year
• boku7 / winx64-InjectAllProcessesMeterpreter-Shellcode
  64bit Windows 10 shellcode that injects all processes with Meterpreter reverse shells.
  ☆127Updated last year
• rad9800 / misc
  miscellaneous scripts and programs
  ☆211Updated last year
• Mr-Un1k0d3r / ADHuntTool
  official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)
  ☆230Updated 2 years ago
• klezVirus / CandyPotato
  Pure C++, weaponized, fully automated implementation of RottenPotatoNG
  ☆299Updated 3 years ago
• rasta-mouse / DInvoke
  Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.
  ☆137Updated 7 months ago
• RiccardoAncarani / LiquidSnake
  LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript
  ☆328Updated 3 years ago