MzHmO / Privileger
Privileger is a tool to work with Windows Privileges
☆136Updated 2 years ago
Alternatives and similar repositories for Privileger:
Users that are interested in Privileger are comparing it to the libraries listed below
- My implementation of the GIUDA project in C++☆167Updated last year
- Run Your Payload Without Running Your Payload☆180Updated 2 years ago
- Amazing whoami alternatives☆139Updated 11 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆96Updated last year
- ☆165Updated last year
- random code snippets, useful for getting started☆116Updated 4 months ago
- Extracting NetNTLM without touching lsass.exe☆235Updated last year
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆53Updated last year
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆231Updated 3 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆195Updated 9 months ago
- ☆142Updated 7 months ago
- ☆120Updated last year
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆72Updated last year
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆150Updated 10 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆87Updated 8 months ago
- Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)☆63Updated 9 months ago
- Leverage WindowsApp createdump tool to obtain an lsass dump☆147Updated 5 months ago
- Hide your P/Invoke signatures through other people's signed assemblies☆204Updated last year
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆175Updated last year
- Automated .NET AppDomain hijack payload generation☆120Updated last month
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…☆85Updated last year
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆141Updated 7 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆145Updated 10 months ago
- Our Tips&Tricks☆111Updated 3 weeks ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆231Updated last year
- ☆274Updated last year