"D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system calls, randomized procedures, and prototype name obfuscation. Its primary purpose is to bypass both static and dynamic analysis techniques commonly employed by security measures.
☆28Sep 18, 2024Updated last year
Alternatives and similar repositories for D3MPSEC
Users that are interested in D3MPSEC are comparing it to the libraries listed below
Sorting:
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- Direct syscalls Injection to bypass AV/EDR☆12May 18, 2024Updated last year
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.☆30Jan 21, 2024Updated 2 years ago
- A tool to assist DLL hijacking via the Havoc GUI☆12Jan 9, 2024Updated 2 years ago
- Example of async client/server sockets in .NET 5☆17Jun 9, 2021Updated 4 years ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆51May 8, 2024Updated last year
- Learning Process Injection and Hollowing techniques☆42Jun 26, 2022Updated 3 years ago
- This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.☆26Jul 26, 2024Updated last year
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- A Sublime Text plugin that allows for Nmap syntax highlighting☆13Sep 14, 2024Updated last year
- string/file/shellcode encryptor using AES/XOR☆11Oct 15, 2023Updated 2 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- Just a git repo for the sleepmask detection rule i found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-…☆16Jun 4, 2025Updated 8 months ago
- Rehashing APIs to prevent hash based detection☆14Jan 7, 2025Updated last year
- Detect userland hooks placed by AV/EDR☆28Sep 4, 2023Updated 2 years ago
- .NET assembly loader with patching AMSI and ETW bypass☆31Apr 16, 2025Updated 10 months ago
- x64 Registration-Free In-Process COM Automation Server.☆51Nov 28, 2022Updated 3 years ago
- Repository to gather the BOF files I will be developing☆11Oct 1, 2024Updated last year
- This script was developped to assist in SpearPhishing campaign during Red Team operations. It can be used to generate random name based o…☆13Feb 6, 2023Updated 3 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- Custom Python shellcode encryptor and obfuscator☆14Jul 31, 2025Updated 7 months ago
- This central repository is crafted for cybersecurity enthusiasts, researchers, and professionals aiming to advance their skills. It offer…☆20May 22, 2025Updated 9 months ago
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…☆138May 22, 2025Updated 9 months ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆42Aug 6, 2024Updated last year
- Implementation of Indirect Syscall technique to pop a calc.exe☆113Jan 25, 2024Updated 2 years ago
- Switch to JuicyPotato! https://github.com/decoder-it/juicy-potato☆12Feb 8, 2020Updated 6 years ago
- A C# (.NET 6) tool to compare the file signature of files recursively and inform the user of matches and mismatches☆16Nov 29, 2024Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Jul 12, 2024Updated last year
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- ☆17May 7, 2025Updated 9 months ago
- Obfuscate payloads using IPv4, IPv6, MAC or UUID strings☆23Feb 17, 2024Updated 2 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Feb 4, 2022Updated 4 years ago
- Creating a Bind Shell in C☆18Aug 21, 2023Updated 2 years ago
- Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure☆15Jan 23, 2025Updated last year
- Collection of Offensive C# Tooling☆13Nov 4, 2021Updated 4 years ago
- Use hardware breakpoint to dynamically change SSN in run-time☆279Apr 10, 2024Updated last year
- A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN☆104Jan 26, 2026Updated last month
- 7 days of Red Teaming TTPs that your favorite tools may use to acheive a post exploitation goal☆18Apr 17, 2021Updated 4 years ago