Soledge / BlockEtw
.Net Assembly to block ETW telemetry in current process
☆78Updated 4 years ago
Alternatives and similar repositories for BlockEtw:
Users that are interested in BlockEtw are comparing it to the libraries listed below
- C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll☆58Updated 6 years ago
- ☆70Updated 3 years ago
- C# application that allows you to quick run SSH commands against a host or list of hosts☆42Updated 4 years ago
- PoC to interact with local/remote registry hives through WMI☆85Updated 4 years ago
- Capture screenshots from .NET using .NET methods or Windows API calls☆67Updated 5 years ago
- A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.☆47Updated 4 years ago
- External C2 Using IE COM Objects☆100Updated 6 years ago
- .NET 4.0 Scheduled Job Lateral Movement☆90Updated 4 years ago
- SharpTask is a simple code set to interact with the Task Scheduler service api and is compatible with Cobalt Strike.☆90Updated 4 years ago
- MiniDumpWriteDump behavior modification hook☆50Updated 4 years ago
- C# .NET Assembly for interacting with File Object DACLs☆42Updated 5 years ago
- Extension of SMBLibrary for RPC calls☆33Updated 10 months ago
- Port of Invoke-Excel4DCOM☆105Updated 5 years ago
- Implementation of SpoolSample without rDLL☆28Updated 4 years ago
- A little tool to play with Kerberos.☆66Updated 2 years ago
- A little scanner to check the LDAP Signing state☆46Updated 3 years ago
- .NET project for writing files to local or remote hosts☆41Updated 5 years ago
- ☆93Updated 3 years ago
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly☆61Updated 3 years ago
- C2Bridges allow developers to create new custom communication protocols and quickly utilize them within Covenant.☆69Updated 4 years ago
- aggressor and pycobalt scripts.☆18Updated 4 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Updated 4 years ago
- SharpBuster is a C# implementation of a directory brute forcing tool. It's designed to be used via Cobalt Strike's execute-assembly and s…☆62Updated 4 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆93Updated 3 years ago
- Load C# Code straight to memory☆54Updated 4 years ago
- I have created a small C# project that requests a Ticket Granting Service (TGS) ticket using KerberosSecurityTokenProvider to use for Ker…☆5Updated 11 months ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆64Updated last year
- DInvisibleRegistry☆82Updated 4 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆79Updated 2 years ago
- .NET implementation of Cobalt Strike's External C2 Spec☆86Updated 3 years ago