A PowerShell script to prevent Sysmon from writing its events
☆17 | Apr 23, 2020 | Updated 5 years ago
Alternatives and similar repositories for MuteSysmon
Users who are interested in MuteSysmon are comparing it to the repositories listed below
- Modifies machine.config for persistence after installing signed .net assembly onto GAC | ☆13 | Mar 17, 2022 | Updated 4 years ago
- Protect your servers with a secret header | ☆29 | Jun 12, 2020 | Updated 5 years ago
- ☆12 | Aug 10, 2019 | Updated 6 years ago
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly | ☆59 | Apr 1, 2022 | Updated 3 years ago
- .Net Assembly to block ETW telemetry in current process | ☆81 | May 14, 2020 | Updated 5 years ago
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique | ☆52 | Dec 6, 2018 | Updated 7 years ago
- Collection of BOFs for Cobalt Strike | ☆32 | Mar 28, 2023 | Updated 2 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide. | ☆79 | Feb 27, 2020 | Updated 6 years ago
- ☆11 | Oct 4, 2018 | Updated 7 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#) | ☆21 | Aug 29, 2021 | Updated 4 years ago
- Self-Loading Registration Free COM Functions | ☆11 | Nov 12, 2019 | Updated 6 years ago
- API hashing written in C to load APIs indirectly using CRC32 hashing | ☆15 | Jul 27, 2020 | Updated 5 years ago
- Microsoft Applocker evasion tool | ☆39 | Nov 26, 2019 | Updated 6 years ago
- ☆18 | Jul 3, 2020 | Updated 5 years ago
- Bunch of honey related items that spoof/decoy powersploit functions. | ☆18 | Apr 23, 2020 | Updated 5 years ago
- .NET 4.0 Fast Directory / File Lister | ☆27 | Sep 25, 2020 | Updated 5 years ago
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt… | ☆17 | Jun 11, 2024 | Updated last year
- Mimikatz built as a static library. | ☆12 | Feb 9, 2022 | Updated 4 years ago
- A C# tool to search through a running instance of Outlook for keywords | ☆111 | Jan 14, 2021 | Updated 5 years ago
- Inject Encrypted Commands Into EMF Shapes for C2 In VBA / Office Malware | ☆39 | Jul 10, 2020 | Updated 5 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay. | ☆15 | Jun 24, 2021 | Updated 4 years ago
- ☆37 | Dec 10, 2017 | Updated 8 years ago
- ☆33 | Aug 10, 2019 | Updated 6 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process. | ☆16 | Nov 23, 2021 | Updated 4 years ago
- ☆28 | Aug 10, 2019 | Updated 6 years ago
- A PE morphing tool that allows you to mimic one executable file to another. | ☆11 | Dec 6, 2023 | Updated 2 years ago
- In 'n Out - See what goes in and comes out of PEs | ☆35 | May 12, 2022 | Updated 3 years ago
- Walking the PEB in VBA | ☆24 | Apr 6, 2020 | Updated 5 years ago
- ☆42 | Aug 10, 2019 | Updated 6 years ago
- A simple example on how to initiate a direct syscall on WoW64 | ☆12 | Feb 2, 2018 | Updated 8 years ago
- ☆155 | Aug 17, 2020 | Updated 5 years ago
- Injection of managed code into non-managed Windows applications | ☆28 | Jan 17, 2019 | Updated 7 years ago
- CVE-2020-5837 exploit | ☆42 | May 13, 2020 | Updated 5 years ago
- A Generic Windows Memory Scraping Tool | ☆70 | Apr 20, 2017 | Updated 8 years ago
- Extended Process List (Search functionality) | ☆29 | Jan 23, 2021 | Updated 5 years ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual | ☆14 | Jul 13, 2022 | Updated 3 years ago
- Python C2 with JScript Implant | ☆15 | Nov 15, 2023 | Updated 2 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process. | ☆157 | Jun 10, 2019 | Updated 6 years ago
- Yara Plugin for Binary Ninja | ☆13 | Feb 13, 2018 | Updated 8 years ago