Offensive-Panda / D3MPSEC
"D3MPSEC" is a memory dumping tool designed to extract a memory dump from the LSASS process using various techniques, including direct system calls, randomized procedures, and prototype name obfuscation. Its primary purpose is to bypass both static and dynamic analysis techniques commonly employed by security measures.
☆25 · Updated 10 months ago
Alternatives and similar repositories for D3MPSEC
Users that are interested in D3MPSEC are comparing it to the libraries listed below
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries ☆30 · Updated 6 months ago
- Creation and removal of Defender path exclusions and exceptions in C#. ☆31 · Updated last year
- ☆56 · Updated 9 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump ☆83 · Updated 9 months ago
- Modified versions of the Cobalt Strike Process Injection Kit ☆98 · Updated last year
- Cobalt Strike UDRL for memory scanner evasion. ☆51 · Updated last year
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader ☆42 · Updated 10 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i… ☆43 · Updated last year
- EmbedExeLnk by x86matthew modified by d4rkiZ ☆42 · Updated 2 years ago
- ☆36 · Updated 2 years ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats. ☆30 · Updated 2 weeks ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code. ☆23 · Updated last year
- A simple PoC of injecting shellcode into a remote process and getting the output using a named pipe ☆42 · Updated last year
- ☆107 · Updated 5 months ago
- ☆53 · Updated 7 months ago
- Bypassing AMSI using LdrLoadDll ☆45 · Updated 6 months ago
- DFSCoerce exe revisited version with custom authentication ☆41 · Updated last year
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve ☆78 · Updated 11 months ago
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from an unprivileged user ☆41 · Updated 11 months ago
- Rewrite to fit my needs ☆30 · Updated last year
- Construct the payload at runtime using an array of offsets ☆63 · Updated last year
- Work, timer, and wait callback example using solely Native Windows APIs. ☆89 · Updated last year
- ☆49 · Updated 3 weeks ago
- ☆59 · Updated last year
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures" ☆28 · Updated 2 years ago
- In-process PowerShell runner for BRC4 ☆46 · Updated last year
- Tool to bypass LSA Protection (aka Protected Process Light) ☆55 · Updated 7 months ago
- ☆97 · Updated 11 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials ☆54 · Updated 2 months ago
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s… ☆63 · Updated last year