Ridter / atexec-pro
Fileless atexec, no more need for port 445
☆364Updated last year
Alternatives and similar repositories for atexec-pro:
Users that are interested in atexec-pro are comparing it to the libraries listed below
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆238Updated 9 months ago
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆410Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique.☆374Updated last year
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk☆451Updated 8 months ago
- ☆223Updated 10 months ago
- Attempt at Obfuscated version of SharpCollection☆205Updated last month
- Credential Guard Bypass Via Patching Wdigest Memory☆321Updated 2 years ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆291Updated 4 months ago
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆443Updated last month
- Terminate AV/EDR Processes using kernel driver☆340Updated last year
- A Tool that aims to evade av with binary padding☆147Updated 8 months ago
- ☆228Updated 4 months ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆250Updated 7 months ago
- Escalate Service Account To LocalSystem via Kerberos☆393Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆305Updated 11 months ago
- ☆323Updated last month
- ☆214Updated last year
- A Windows potato to privesc☆359Updated 7 months ago
- Local privilege escalation from SeImpersonatePrivilege using EfsRpc.☆311Updated 2 years ago
- Bypassing UAC with SSPI Datagram Contexts☆430Updated last year
- Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do☆371Updated 2 years ago
- Use ESC1 to perform a makeshift DCSync and dump hashes☆203Updated last year
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆216Updated last year
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆201Updated last year
- ☆162Updated last year
- Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE☆193Updated 4 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆437Updated last month
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Updated last year
- Execute shellcode from a remote-hosted bin file using Winhttp.☆232Updated last year
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆572Updated 8 months ago