NVISOsecurity / brown-bags
☆111Updated last year
Related projects ⓘ
Alternatives and complementary repositories for brown-bags
- Weaponising C# - Fundamentals Training Content☆70Updated 3 years ago
- A fake AMSI Provider which can be used for persistence.☆139Updated 3 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆184Updated 3 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆178Updated 2 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆121Updated 3 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆110Updated last year
- ☆138Updated 2 years ago
- Collection of Beacon Object Files (BOFs) for shells and lols☆111Updated 3 years ago
- tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"☆154Updated 2 years ago
- ☆69Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆232Updated 3 years ago
- Load .net assemblies from memory while having them appear to be loaded from an on-disk location.☆159Updated 3 years ago
- Rewrote HellsGate in C# for fun and learning☆84Updated 2 years ago
- Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.☆169Updated 3 years ago
- MiniDumpWriteDump behavior modification hook☆49Updated 3 years ago
- Simple EDR implementation to demonstrate bypass☆159Updated 4 years ago
- AMSI Bypass Via the Heap☆105Updated 4 years ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆83Updated 2 years ago
- WNF Code Execution Library Using C#☆108Updated 4 years ago
- Cobalt Strike Beacon Object Files☆158Updated 2 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆86Updated 2 years ago
- Hookers are cooler than patches.☆166Updated 2 years ago
- A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from …☆83Updated 4 years ago
- A recreation of the "Nobelium" malware based on Microsofts Malware analysis - Part 1: PDF2Pwn☆100Updated last year
- Koppeling x Metatwin x LazySign☆203Updated 3 years ago