Offensive-Panda / D3MPSEC
"D3MPSEC" is a memory dumping tool designed to extract a memory dump from the LSASS process using various techniques, including direct system calls, randomized procedures, and prototype name obfuscation. Its primary purpose is to bypass both static and dynamic analysis techniques commonly employed by security measures.
☆22 Updated 2 months ago
Related projects
Alternatives and complementary repositories for D3MPSEC
- ☆37 Updated 3 weeks ago
- A pure C version of SymProcAddress ☆23 Updated 8 months ago
- BOF for C2 framework ☆40 Updated last week
- A simple PoC showcasing the ability of an admin to suspend EDR's protected processes, making it useless ☆39 Updated 4 months ago
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission… ☆13 Updated 3 weeks ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆30 Updated last year
- This project is an EDRSandblast fork, adding some features and custom pieces of code. ☆21 Updated last year
- Section-based payload obfuscation technique for x64 ☆58 Updated 3 months ago
- DFSCoerce exe revisited version with custom authentication ☆36 Updated 10 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i… ☆42 Updated 3 months ago
- string/file/shellcode encryptor using AES/XOR ☆11 Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine ☆81 Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#. ☆30 Updated last year
- All my POC related to malware development ☆11 Updated 6 months ago
- ☆46 Updated last year
- ☆28 Updated 5 months ago
- Unhook Ntdll.dll, Go & C++. ☆14 Updated 4 months ago
- A simple PoC of injecting shellcode into a remote process and getting the output using a named pipe ☆37 Updated 10 months ago
- Just another Process Injection using Process Hollowing technique. ☆16 Updated last year
- Rewrite to fit my needs ☆26 Updated 4 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML ☆31 Updated 6 months ago
- A simple rpc2socks alternative in pure Go. ☆24 Updated 4 months ago
- .NET port of Leron Gray's azbelt tool. ☆26 Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire… ☆33 Updated 5 months ago
- Detect userland hooks placed by AV/EDR ☆26 Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking. ☆55 Updated 3 months ago
- convert compatible dlls to shellcode with sRDI. I don't remember where this came from, so if you recognize the code, let me know and I'll… ☆12 Updated 7 months ago
- Bypassing Amsi using LdrLoadDll ☆24 Updated last month
- ☆34 Updated last year