Tylous / FaceDancer
FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loading
☆232Updated 3 months ago
Alternatives and similar repositories for FaceDancer:
Users that are interested in FaceDancer are comparing it to the libraries listed below
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W�…☆149Updated 8 months ago
- Python implementation of GhostPack's Seatbelt situational awareness tool☆235Updated 2 months ago
- ☆280Updated last month
- ☆161Updated 2 months ago
- Nameless C2 - A C2 with all its components written in Rust☆254Updated 3 months ago
- An interactive shell to spoof some LOLBins command line☆181Updated 11 months ago
- A collection of all my personal cheat sheets and guides as I progress through my career in offensive security.☆107Updated 2 months ago
- ☆185Updated 11 months ago
- Extracting NetNTLM without touching lsass.exe☆233Updated last year
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆150Updated last month
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆180Updated last year
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆101Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆175Updated 3 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆179Updated last week
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆193Updated 7 months ago
- Hide shellcode by shuffling bytes into a random array and reconstruct at runtime☆183Updated 6 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆143Updated 8 months ago
- Continuous password spraying tool☆121Updated last month
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆212Updated last month
- "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS☆212Updated 2 months ago
- sandbox approach for malware developers and red teamers to test payloads against detection mechanisms before deployment☆358Updated last week
- ☆269Updated last year
- A shellcode injection tool showcasing various process injection techniques☆135Updated last year
- My implementation of the GIUDA project in C++☆167Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆157Updated last month
- Amazing whoami alternatives☆138Updated 9 months ago
- ☆166Updated last week
- ☆136Updated 5 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆153Updated 7 months ago