Offensive-Panda / D3MPSEC
"D3MPSEC" is a memory dumping tool designed to extract a memory dump from the LSASS process using various techniques, including direct system calls, randomized procedures, and prototype name obfuscation. Its primary purpose is to bypass both static and dynamic analysis techniques commonly employed by security measures.
☆27 Updated last year
Alternatives and similar repositories for D3MPSEC
Users that are interested in D3MPSEC are comparing it to the libraries listed below
- Creation and removal of Defender path exclusions and exceptions in C#. ☆32 Updated 2 years ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader ☆44 Updated last year
- A simple PoC of injecting shellcode into a remote process and getting the output using a named pipe ☆44 Updated last year
- Cobalt Strike UDRL for memory scanner evasion. ☆52 Updated 2 years ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries ☆30 Updated 10 months ago
- EmbedExeLnk by x86matthew modified by d4rkiZ ☆41 Updated 2 years ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking. ☆83 Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump ☆85 Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials ☆61 Updated 7 months ago
- Less sugar (entropy) for your binaries ☆34 Updated 3 months ago
- Modified versions of the Cobalt Strike Process Injection Kit ☆103 Updated last year
- Windows Thread Pool Injection Havoc Implementation ☆33 Updated last year
- Using LNK files and user input simulation to start processes under explorer.exe ☆30 Updated last year
- DFSCoerce exe revisited version with custom authentication ☆41 Updated last year
- This project is an EDRSandblast fork, adding some features and custom pieces of code. ☆24 Updated 2 years ago
- Section-based payload obfuscation technique for x64 ☆64 Updated last year
- I have documented all of the AMSI patches that I learned till now ☆76 Updated last month
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s… ☆66 Updated last year
- Tool to bypass LSA Protection (aka Protected Process Light) ☆63 Updated 11 months ago
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion ☆100 Updated 5 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆35 Updated 2 years ago
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from an unprivileged user ☆41 Updated last year
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence ☆62 Updated 6 months ago