Offensive-Panda / ShadowDumper
Shadow Dumper is a tool for dumping LSASS process memory, a step often needed in penetration testing and red teaming. It implements several techniques for producing the dump, giving access to the sensitive data (credential material) held in LSASS memory.
☆144, updated this week
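As an added defender-side example (not code from ShadowDumper or its author), the script below flags the handle pattern that handle-based LSASS dumpers produce. It assumes Sysmon Event ID 10 (ProcessAccess) records exported as JSON lines with Sysmon's standard SourceImage, TargetImage, GrantedAccess and CallTrace fields; the sample records and the allow-list are constructed for the example. Caveat: it only sees tools that open lsass.exe with memory-access rights, so a technique that never touches lsass.exe (such as the NetNTLM extraction listed under related projects) leaves no such event.

```python
"""Flag Sysmon Event ID 10 (ProcessAccess) records that look like LSASS dumping.

Added example, not ShadowDumper's code. Assumes Sysmon's ProcessAccess fields
exported as JSON lines; the records and allow-list below are constructed.
"""
import json

# Process access rights from winnt.h that allow reading or manipulating
# another process's memory. A MiniDumpWriteDump-style dumper needs at least
# PROCESS_VM_READ on its lsass.exe handle.
RIGHT_NAMES = {
    "PROCESS_CREATE_THREAD": 0x0002,
    "PROCESS_VM_OPERATION": 0x0008,
    "PROCESS_VM_READ": 0x0010,
    "PROCESS_VM_WRITE": 0x0020,
    "PROCESS_DUP_HANDLE": 0x0040,
}
PROCESS_ALL_ACCESS = 0x1FFFFF

# Assumption: processes that legitimately open lsass.exe in this environment.
# Tune per estate; a path-based allow-list alone is defeated by a renamed binary.
ALLOWLISTED_SOURCES = {
    r"c:\windows\system32\csrss.exe",
    r"c:\windows\system32\wininit.exe",
    r"c:\windows\system32\svchost.exe",
    r"c:\program files\windows defender\msmpeng.exe",
}


def classify(event):
    """Return an alert string for a suspicious lsass.exe access, or None."""
    target = event.get("TargetImage", "").lower()
    if not target.endswith("\\lsass.exe"):
        return None
    source = event.get("SourceImage", "").lower()
    if source in ALLOWLISTED_SOURCES:
        return None
    access = int(event.get("GrantedAccess", "0x0"), 16)
    if access == PROCESS_ALL_ACCESS:
        rights = ["PROCESS_ALL_ACCESS"]
    else:
        rights = [name for name, bit in RIGHT_NAMES.items() if access & bit]
    if not rights:
        return None  # e.g. QUERY_LIMITED_INFORMATION only, as Task Manager does
    reason = "+".join(rights)
    # Sysmon renders frames that are not backed by a loaded module as
    # UNKNOWN(address); typical of injected shellcode or hand-rolled syscall stubs.
    if "UNKNOWN(" in event.get("CallTrace", ""):
        reason += "; caller frame in unbacked memory"
    return f"{source} -> lsass.exe GrantedAccess={access:#x}: {reason}"


def scan(jsonl):
    """Run classify() over JSON-lines input and return the alerts in order."""
    alerts = []
    for line in jsonl.splitlines():
        if line.strip():
            hit = classify(json.loads(line))
            if hit:
                alerts.append(hit)
    return alerts


# Constructed sample records (not real telemetry).
SAMPLE_EVENTS = r'''
{"SourceImage":"C:\\Windows\\System32\\svchost.exe","TargetImage":"C:\\Windows\\System32\\lsass.exe","GrantedAccess":"0x1000","CallTrace":"C:\\Windows\\SYSTEM32\\ntdll.dll+9d4b4"}
{"SourceImage":"C:\\Windows\\System32\\Taskmgr.exe","TargetImage":"C:\\Windows\\System32\\lsass.exe","GrantedAccess":"0x1400","CallTrace":"C:\\Windows\\SYSTEM32\\ntdll.dll+9d4b4|C:\\Windows\\System32\\KERNELBASE.dll+2e13d"}
{"SourceImage":"C:\\Users\\bob\\AppData\\Local\\Temp\\update.exe","TargetImage":"C:\\Windows\\System32\\lsass.exe","GrantedAccess":"0x1010","CallTrace":"C:\\Windows\\SYSTEM32\\ntdll.dll+9d4b4|UNKNOWN(00000000001A0000)"}
{"SourceImage":"C:\\Windows\\System32\\rundll32.exe","TargetImage":"C:\\Windows\\System32\\lsass.exe","GrantedAccess":"0x1fffff","CallTrace":"C:\\Windows\\SYSTEM32\\ntdll.dll+9d4b4|C:\\Windows\\System32\\KERNELBASE.dll+2e13d|C:\\Windows\\System32\\comsvcs.dll+1a3c5"}
'''

if __name__ == "__main__":
    for alert in scan(SAMPLE_EVENTS):
        print(alert)
```

Of the four constructed records only the last two alert: the svchost.exe access is allow-listed, and the Task Manager handle carries only query rights. The GrantedAccess check is deliberately broad (any memory-access bit, not a fixed list of masks such as 0x1010 or 0x1410) because dumpers vary the mask to dodge exact-match rules.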
Related projects
Alternatives and complementary repositories for ShadowDumper
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti… (☆190, updated 5 months ago)
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection (☆248, updated 5 months ago)
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course (☆171, updated last year)
- C2 Infrastructure Automation (☆86, updated last week)
- AV/EDR lab environment setup references to help in malware development (☆165, updated last week)
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation (☆197, updated last week)
- Extracting NetNTLM without touching lsass.exe (☆223, updated 11 months ago)
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone… (☆155, updated 3 weeks ago)
- C2 infrastructure that allows red teamers to execute system commands on compromised hosts through Microsoft Teams (☆132, updated this week)
- PoC for using MS Windows printers for persistence / command and control via Internet Printing (☆143, updated 6 months ago)
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W… (☆146, updated 6 months ago)
- BOF and Python3 implementation of a technique to unbind 445/tcp on Windows via SCM interactions (☆265, updated 3 months ago)
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution (☆136, updated 2 weeks ago)
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes and direct syscalls, written in Rust (☆168, updated last month)
- SCCMSecrets.py aims at exploiting SCCM policy distribution for credential harvesting, initial access and lateral movement (☆153, updated 2 weeks ago)
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without … (☆148, updated last month)
- Different methods to get the current username without using whoami (☆172, updated 9 months ago)
- Blocks EDR telemetry by performing a Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination… (☆138, updated 3 months ago)
- Nameless C2 - A C2 with all its components written in Rust (☆239, updated last month)
- C# AV/EDR killer using a less-known driver (BYOVD) (☆156, updated last year)
- C# implementation of TokenFinder. Steal M365 access tokens from Office desktop apps (☆132, updated 3 months ago)
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with patchless AMSI and ETW bypass features. with Dual-bui… (☆154, updated 2 weeks ago)
- Source generator to add D/Invoke and indirect syscall methods to a C# project (☆168, updated 8 months ago)
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle… (☆104, updated 6 months ago)
- SHELLSILO is a tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce… (☆125, updated this week)