Offensive-Panda / D3MPSECLinks
"D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system calls, randomized procedures, and prototype name obfuscation. Its primary purpose is to bypass both static and dynamic analysis techniques commonly employed by security measures.
☆27Updated last year
Alternatives and similar repositories for D3MPSEC
Users that are interested in D3MPSEC are comparing it to the libraries listed below
Sorting:
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Updated 8 months ago
- ☆58Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆83Updated last year
- ☆37Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆52Updated last year
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆23Updated 2 years ago
- string/file/shellcode encryptor using AES/XOR☆11Updated 2 years ago
- EmbedExeLnk by x86matthew modified by d4rkiZ☆41Updated 2 years ago
- ☆50Updated 3 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Updated last year
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆44Updated last year
- Section-based payload obfuscation technique for x64☆64Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- ☆31Updated 9 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆43Updated last year
- DFSCoerce exe revisited version with custom authentication☆40Updated last year
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆44Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆60Updated 5 months ago
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆55Updated 2 years ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆30Updated 2 years ago
- Tool to bypass LSA Protection (aka Protected Process Light)☆60Updated 9 months ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆56Updated 4 months ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆51Updated last year
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated last year
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆33Updated 2 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆56Updated 6 months ago
- Sniffing files generator☆59Updated 8 months ago
- ☆109Updated 8 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆52Updated 5 months ago
- I have documented all of the AMSI patches that I learned till now☆74Updated 7 months ago