Tylous / FaceDancerLinks
FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loading
☆399Updated last year
Alternatives and similar repositories for FaceDancer
Users that are interested in FaceDancer are comparing it to the libraries listed below
Sorting:
- ☆378Updated 3 months ago
- "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS☆315Updated 4 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆381Updated last year
- Evasive shellcode loader☆398Updated last year
- Generate an obfuscated DLL that will disable AMSI & ETW☆329Updated last year
- Python implementation of GhostPack's Seatbelt situational awareness tool☆270Updated last year
- Venom C2 is a dependency‑free Python3 Command & Control framework for redteam persistence☆423Updated 3 months ago
- yet another AV killer tool using BYOVD☆300Updated 2 years ago
- ☆246Updated last year
- ☆189Updated 2 years ago
- Open Source C&C Specification☆278Updated 11 months ago
- Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8☆351Updated last year
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆432Updated 7 months ago
- ☆290Updated 2 years ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆259Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆212Updated last year
- Stealthily inject shellcode into an executable☆444Updated 3 months ago
- ☆186Updated 7 months ago
- Slides & Code snippets for a workshop held @ x33fcon 2024☆282Updated last year
- Ghosting-AMSI☆220Updated 9 months ago
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆381Updated 9 months ago
- C# AV/EDR Killer using less-known driver (BYOVD)☆183Updated 2 years ago
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆155Updated last year
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST☆197Updated last year
- Analyse your malware to surgically obfuscate it☆517Updated last month
- Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.☆264Updated 9 months ago
- Nameless C2 - A C2 with all its components written in Rust☆282Updated last year
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆354Updated 9 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆191Updated 9 months ago
- Extracting NetNTLM without touching lsass.exe☆242Updated 2 years ago