Mr-Un1k0d3r / WindowsDllsExport
A list of all the DLL exports in C:\windows\system32\
☆209 Updated 2 years ago
Related projects:
- Koppeling x Metatwin x LazySign ☆200 Updated 3 years ago
- C# version of MDSec's ParallelSyscalls ☆138 Updated 2 years ago
- Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking) ☆247 Updated 2 years ago
- Hookers are cooler than patches. ☆167 Updated 2 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls. ☆309 Updated last year
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem… ☆182 Updated 3 years ago
- PowerShell script to generate "proxy" counterparts to easily perform DLL Sideloading ☆113 Updated 5 years ago
- C# Lsass parser ☆277 Updated 2 years ago
- An effort to track security vendors' use of Microsoft's Antimalware Scan Interface ☆227 Updated 2 years ago
- You shall pass ☆241 Updated 2 years ago
- A new AMSI Bypass technique using .NET ALI Call Hooking. ☆179 Updated last year
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b… ☆229 Updated 3 years ago
- Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10! ☆430 Updated last year
- Stop Windows Defender using the Win32 API ☆186 Updated 2 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2 ☆177 Updated 2 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load(). ☆213 Updated 4 years ago
- Apply a filter to the events being reported by windows event logging ☆259 Updated 3 years ago
- A BOF to automate common persistence tasks for red teamers ☆263 Updated last year
- 64bit Windows 10 shellcode that injects all processes with Meterpreter reverse shells. ☆127 Updated last year
- miscellaneous scripts and programs ☆211 Updated last year
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo) ☆230 Updated 2 years ago
- Pure C++, weaponized, fully automated implementation of RottenPotatoNG ☆299 Updated 3 years ago
- Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke. ☆137 Updated 7 months ago
- LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript ☆328 Updated 3 years ago