Tylous / IvyLinks
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
☆22Updated 2 years ago
Alternatives and similar repositories for Ivy
Users that are interested in Ivy are comparing it to the libraries listed below
Sorting:
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Updated 3 years ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆21Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆86Updated 2 years ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL☆22Updated 3 years ago
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.☆39Updated 4 years ago
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.☆65Updated last year
- ☆34Updated 5 months ago
- ☆59Updated last year
- Python module for running BOFs☆72Updated 2 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆15Updated 2 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆91Updated 2 years ago
- ☆47Updated 2 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Updated 2 years ago
- ☆18Updated 2 months ago
- ☆38Updated 3 years ago
- Rewrite to fit my needs☆30Updated last year
- Sniffing files generator☆59Updated 6 months ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆42Updated 5 months ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆56Updated 3 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆75Updated 2 years ago
- A care package of useful bofs for red team engagments☆55Updated 8 months ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52Updated last year
- Small project to facilitate creation of .lnk payloads☆73Updated 2 years ago
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)☆23Updated 2 years ago
- malleable profile generator GUI for Havoc☆55Updated 2 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆54Updated 5 years ago
- C# havoc implant☆101Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆84Updated last year
- RDLL for Cobalt Strike beacon to silence sysmon process☆89Updated 2 years ago