S3cur3Th1sSh1t / SharpByeBearView external linksLinks
AppXSVC Service race condition - privilege escalation
☆30Jul 30, 2019Updated 6 years ago
Alternatives and similar repositories for SharpByeBear
Users that are interested in SharpByeBear are comparing it to the libraries listed below
Sorting:
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.☆18Jul 2, 2021Updated 4 years ago
- PoC for detecting and evading ETW detection of .Net Assembly.Load☆21Aug 26, 2020Updated 5 years ago
- ☆73Oct 24, 2021Updated 4 years ago
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆19Jun 24, 2021Updated 4 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆42May 9, 2019Updated 6 years ago
- ☆54Apr 27, 2019Updated 6 years ago
- JALSI - Just Another Lame Shellcode Injector☆30Aug 1, 2021Updated 4 years ago
- ☆33Aug 10, 2019Updated 6 years ago
- Minimal Intervention and Software Transformation - PoC Packer designed for AV detection bypass☆18Nov 4, 2017Updated 8 years ago
- Load PE via XML Attribute☆32Feb 1, 2020Updated 6 years ago
- ps-like .NET Assembly for enumerating processes on the current machine or a remote machine.☆13Aug 12, 2019Updated 6 years ago
- Privesc through import of Sheduled tasks + Hardlinks - CVE-2019-1069☆37Jun 26, 2019Updated 6 years ago
- Reflective DLL Injection style process infector☆20Jul 23, 2018Updated 7 years ago
- ☆15Feb 9, 2022Updated 4 years ago
- Synaptics Audio Driver LPE☆37Apr 15, 2019Updated 6 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- ☆12Apr 21, 2019Updated 6 years ago
- Control Panel and Builder (Working)☆10Apr 15, 2017Updated 8 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post☆130May 25, 2021Updated 4 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆53May 21, 2020Updated 5 years ago
- C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll☆62Apr 18, 2019Updated 6 years ago
- ☆42Aug 10, 2019Updated 6 years ago
- Service Enumeration C# .NET Assembly☆59Sep 14, 2021Updated 4 years ago
- ☆14Sep 22, 2019Updated 6 years ago
- Remote Administration Tool, Server Written in C# and Client Written in C++☆15Dec 8, 2022Updated 3 years ago
- ☆36Mar 11, 2019Updated 6 years ago
- Hardened Proof of Concept of D/Invoke Process Injection malware☆42Jul 23, 2020Updated 5 years ago
- WMI SA stuffs☆30Apr 18, 2022Updated 3 years ago
- A fully automatic CVE-2019-0841 bypass targeting all versions of Edge in Windows 10.☆59Jun 11, 2019Updated 6 years ago
- ☆121Jun 17, 2022Updated 3 years ago
- A lexer and parser for Sleep☆20May 14, 2025Updated 9 months ago
- Download a .NET payload and run it on memory☆70Apr 12, 2019Updated 6 years ago
- DarkC0ders net is a open source botnet which is programmed in C#, using the .NET 2.0 Framework.☆10Dec 1, 2019Updated 6 years ago
- Windows Local Privilege Escalation - 0 Day Vulnerability (schtasks.exe) released by @SandboxEscaper :)☆17May 22, 2019Updated 6 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- Modular rootkit framework.☆30Mar 26, 2021Updated 4 years ago
- ☆53Oct 20, 2020Updated 5 years ago
- Vectored Exception Handling Squared☆29Dec 27, 2025Updated last month
- Trojan downloader simple virus☆16Sep 30, 2018Updated 7 years ago