Offensive-Panda / D3MPSEC
"D3MPSEC" is a memory dumping tool designed to extract a memory dump from the LSASS process using various techniques, including direct system calls, randomized procedures, and prototype name obfuscation. Its primary purpose is to bypass both static and dynamic analysis techniques commonly employed by security measures.
☆24 Updated 7 months ago
Alternatives and similar repositories for D3MPSEC:
Users that are interested in D3MPSEC are comparing it to the libraries listed below
- Creation and removal of Defender path exclusions and exceptions in C#. ☆31 Updated last year
- Cobalt Strike UDRL for memory scanner evasion. ☆51 Updated last year
- This project is an EDRSandblast fork, adding some features and custom pieces of code. ☆22 Updated last year
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader ☆34 Updated 7 months ago
- ☆27 Updated 3 months ago
- DFSCoerce exe revisited version with custom authentication ☆40 Updated last year
- ☆55 Updated 6 months ago
- BOF for C2 framework ☆41 Updated 5 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i… ☆41 Updated 9 months ago
- Copy metadata and digital signatures information from one Windows executable to another using Wine on a non-Windows platform ☆16 Updated last year
- All my POC related to malware development ☆11 Updated 11 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆32 Updated last year
- Rewrite to fit my needs ☆27 Updated 9 months ago
- EmbedExeLnk by x86matthew modified by d4rkiZ ☆42 Updated 2 years ago
- ☆20 Updated 10 months ago
- in-process powershell runner for BRC4 ☆45 Updated last year
- ☆52 Updated 4 months ago
- ☆26 Updated 11 months ago
- Section-based payload obfuscation technique for x64 ☆59 Updated 8 months ago
- Encode shellcode into dictionary words for evasion and entropy reduction ☆25 Updated 6 months ago
- Modified versions of the Cobalt Strike Process Injection Kit ☆94 Updated last year
- Just another Process Injection using Process Hollowing technique. ☆17 Updated last year
- Tool to bypass LSA Protection (aka Protected Process Light) ☆49 Updated 4 months ago
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi… ☆18 Updated 2 years ago
- A simple PoC of injecting shellcode into a remote process and getting the output using a named pipe ☆42 Updated last year
- SAM Dumping in C# ☆48 Updated 3 months ago
- ☆36 Updated 2 years ago
- Proxy function calls through the thread pool with ease ☆25 Updated 2 months ago
- Cortex EDR Ransomware protection Bypass ☆21 Updated 2 months ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation ☆36 Updated last week