Offensive-Panda / D3MPSEC
"D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system calls, randomized procedures, and prototype name obfuscation. Its primary purpose is to bypass both static and dynamic analysis techniques commonly employed by security measures.
☆24Updated 5 months ago
Alternatives and similar repositories for D3MPSEC:
Users that are interested in D3MPSEC are comparing it to the libraries listed below
- DFSCoerce exe revisited version with custom authentication☆38Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆46Updated last year
- ☆52Updated 3 months ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆30Updated last year
- ☆36Updated 2 years ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆42Updated last year
- in-process powershell runner for BRC4☆44Updated last year
- Rewrite to fit my needs☆27Updated 7 months ago
- Section-based payload obfuscation technique for x64☆59Updated 6 months ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆26Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆22Updated last year
- ☆47Updated 2 years ago
- SAM Dumping in C#☆42Updated last month
- ☆47Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆92Updated last year
- Copy metadata and digital signatures information from one Windows executable to another using Wine on a non-Windows platform☆16Updated 10 months ago
- ProcExp Driver (Ab)use☆20Updated 2 years ago
- ☆52Updated last month
- .NET port of Leron Gray's azbelt tool.☆26Updated last year
- All my POC related to malware development☆11Updated 9 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆30Updated last year
- EmbedExeLnk by x86matthew modified by d4rkiZ☆31Updated last year
- A pure C version of SymProcAddress☆25Updated 11 months ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆66Updated last year
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆32Updated 10 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 7 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆19Updated 4 months ago
- string/file/shellcode encryptor using AES/XOR☆11Updated last year
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆41Updated 6 months ago