A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP
☆38Jul 27, 2021Updated 4 years ago
Alternatives and similar repositories for netntlm
Users that are interested in netntlm are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- DLL Exports Extraction BOF with optional NTFS transactions.☆92Nov 5, 2021Updated 4 years ago
- A *very* imperfect attempt to correlate Kernel32 function calls to native API (Nt/Zw) counterparts/execution flow.☆28Dec 16, 2021Updated 4 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆116Aug 29, 2022Updated 3 years ago
- ☆118Aug 7, 2022Updated 3 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆13Mar 17, 2022Updated 4 years ago
- just manipulatin these here tokens yes sir nothing weird☆21Apr 18, 2022Updated 4 years ago
- ☆276Jan 14, 2023Updated 3 years ago
- leaking net-ntlm with webdav☆25Feb 23, 2021Updated 5 years ago
- A small example of loading BOFs in Python with pure reflection☆19Jan 26, 2023Updated 3 years ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆108May 27, 2021Updated 5 years ago
- miscellaneous scripts and programs☆286May 13, 2026Updated last month
- A C port of b33f's UrbanBishop☆38Oct 1, 2020Updated 5 years ago
- POC tools for exploring SMB over QUIC protocol☆132Apr 6, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A collection of scripts used to support an OffSecOps pipeline.☆15Jan 31, 2021Updated 5 years ago
- LdrLoadDll Unhooking☆132Jan 16, 2022Updated 4 years ago
- My experience using Windows API for offensive purposes☆17Jul 10, 2021Updated 4 years ago
- Running .NET from VBA☆147Feb 11, 2023Updated 3 years ago
- all credits go to @mgeeky☆65Oct 14, 2021Updated 4 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆25Mar 26, 2020Updated 6 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆118Sep 30, 2024Updated last year
- ☆29May 10, 2024Updated 2 years ago
- ☆45Oct 16, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A simple BOF that frees UDRLs☆124May 29, 2022Updated 4 years ago
- Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File☆218Oct 8, 2020Updated 5 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆122Jun 24, 2020Updated 5 years ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Sep 8, 2021Updated 4 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆100Feb 28, 2023Updated 3 years ago
- Reflective DLL loading of your favorite Golang program☆174Jan 27, 2020Updated 6 years ago
- Tool for interacting with outlook interop during red team engagements☆145Jun 29, 2021Updated 4 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆68May 2, 2023Updated 3 years ago
- An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/ma…☆24Jun 17, 2020Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Cobalt Strike Get clipboard plugin☆15Aug 11, 2023Updated 2 years ago
- ☆24Jul 29, 2021Updated 4 years ago
- MiniDumpWriteDump behavior modification hook☆50Feb 15, 2021Updated 5 years ago
- ☆38Oct 12, 2020Updated 5 years ago
- API Hammering with C++20☆52Jul 21, 2022Updated 3 years ago
- API hashing written in C to load APIs indirectly using CRC32 hashing☆15Jul 27, 2020Updated 5 years ago
- ☆17Aug 15, 2021Updated 4 years ago