Tylous / FaceDancer
FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loading
☆269Updated 5 months ago
Alternatives and similar repositories for FaceDancer:
Users that are interested in FaceDancer are comparing it to the libraries listed below
- ☆304Updated 3 months ago
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆151Updated 10 months ago
- Python implementation of GhostPack's Seatbelt situational awareness tool☆255Updated 4 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆159Updated 3 months ago
- Extracting NetNTLM without touching lsass.exe☆235Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆195Updated 9 months ago
- A collection of all my personal cheat sheets and guides as I progress through my career in offensive security.☆173Updated last month
- Continuous password spraying tool☆174Updated 3 weeks ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆250Updated 7 months ago
- Nameless C2 - A C2 with all its components written in Rust☆263Updated 5 months ago
- ☆171Updated 4 months ago
- RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging☆160Updated 2 weeks ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆566Updated 8 months ago
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆324Updated 2 weeks ago
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆252Updated 2 months ago
- ☆186Updated last year
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆232Updated 3 months ago
- yet another AV killer tool using BYOVD☆268Updated last year
- A PowerShell console in C/C++ with all the security features disabled☆214Updated this week
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆197Updated last month
- An interactive shell to spoof some LOLBins command line☆184Updated last year
- Evasive shellcode loader☆349Updated 5 months ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆184Updated last year
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST☆180Updated 6 months ago
- psexecsvc - a python implementation of PSExec's native service implementation☆183Updated last month
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆348Updated 3 months ago
- Shellcode encryptor using a substitution cipher with a randomly generated key.☆120Updated 2 months ago
- "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS☆261Updated this week
- ☆285Updated last week
- ☆274Updated last year