SafeBreach-Labs / MagicDot
A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
☆96Updated 11 months ago
Alternatives and similar repositories for MagicDot:
Users that are interested in MagicDot are comparing it to the libraries listed below
- ☆70Updated 7 months ago
- A more reliable way of resolving syscall numbers in Windows☆48Updated last year
- ☆29Updated 3 months ago
- ☆78Updated last year
- ☆98Updated last year
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆51Updated last year
- Python module for running BOFs☆70Updated last year
- Work, timer, and wait callback example using solely Native Windows APIs.☆86Updated last year
- Find DLLs with RWX section☆78Updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3☆72Updated 2 months ago
- ☆28Updated 10 months ago
- I have documented all of the AMSI patches that I learned till now☆74Updated last year
- A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust☆84Updated 11 months ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆76Updated 7 months ago
- ☆133Updated last year
- Tool for playing with Windows Access Token manipulation.☆54Updated 2 years ago
- Construct the payload at runtime using an array of offsets☆63Updated 9 months ago
- ☆96Updated 2 months ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆39Updated last year
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆82Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 8 months ago
- ☆48Updated last year
- ☆85Updated 7 months ago
- Simple BOF to read the protection level of a process☆114Updated last year
- A work in progress BOF/COFF loader in Rust☆47Updated 2 years ago
- ☆108Updated 4 months ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆78Updated 2 years ago
- ☆149Updated 3 months ago
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.☆60Updated last year