S1lkys / SharpKiller
Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8
☆350Updated 6 months ago
Alternatives and similar repositories for SharpKiller:
Users that are interested in SharpKiller are comparing it to the libraries listed below
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆283Updated 10 months ago
- Attempt at Obfuscated version of SharpCollection☆205Updated last month
- Amsi Bypass payload that works on Windwos 11☆376Updated last year
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆443Updated last month
- "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS☆261Updated this week
- DPAPI looting remotely and locally in Python☆448Updated 3 weeks ago
- .net config loader☆313Updated last year
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆579Updated 3 months ago
- Extracting NetNTLM without touching lsass.exe☆235Updated last year
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆435Updated last month
- Slides & Code snippets for a workshop held @ x33fcon 2024☆255Updated 9 months ago
- ☆274Updated last year
- Impacket is a collection of Python classes for working with network protocols.☆278Updated 2 months ago
- Kill AV/EDR leveraging BYOVD attack☆343Updated last year
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆287Updated 4 months ago
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆539Updated last year
- Collection of UAC Bypass Techniques Weaponized as BOFs☆487Updated last year
- NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.☆147Updated 2 months ago
- Lateral Movement Using DCOM and DLL Hijacking☆287Updated last year
- Protected Process Dumper Tool☆532Updated last year
- Leak of any user's NetNTLM hash. Fixed in KB5040434