S3cur3Th1sSh1t / SharpRDP
Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
☆11Updated 3 years ago
Alternatives and similar repositories for SharpRDP:
Users that are interested in SharpRDP are comparing it to the libraries listed below
- My implementation of Halo's Gate technique in C#☆53Updated 2 years ago
- ☆38Updated 2 years ago
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)☆22Updated 2 years ago
- Bunch of BOF files☆30Updated 3 months ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆52Updated 4 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆89Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆87Updated 2 years ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆19Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆74Updated 2 years ago
- API Hammering with C++20☆45Updated 2 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆86Updated 2 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆42Updated last year
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆78Updated 2 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago
- Simple .NET loader for loading and executing Powershell payloads☆16Updated 3 years ago
- Small tool to play with IOCs caused by Imageload events☆42Updated last year
- ☆57Updated 3 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆104Updated 3 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆92Updated 3 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆39Updated last year
- This repo hosts a poc of how to execute F# code within an unmanaged process☆65Updated 8 months ago
- Shellcode Injector that obtains system call opcodes using the Halo's Gate method to evade EDR Hooks.☆19Updated 3 years ago
- Sleep Obfuscation☆43Updated 2 years ago
- A care package of useful bofs for red team engagments☆54Updated 3 months ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆67Updated last year
- Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic lo…☆25Updated 2 years ago
- Tool for playing with Windows Access Token manipulation.☆54Updated 2 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆15Updated 2 years ago
- Offensive tool for fileless lateral movement on Windows networks☆25Updated 10 months ago