Tylous / Ivy
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
☆24 Updated 2 years ago
Alternatives and similar repositories for Ivy
Users that are interested in Ivy are comparing it to the libraries listed below
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures. ☆40 Updated 3 years ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL ☆23 Updated 3 years ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be… ☆22 Updated 2 years ago
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes. ☆67 Updated 2 years ago
- malleable profile generator GUI for Havoc ☆56 Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files. ☆90 Updated 3 years ago
- Small project to facilitate creation of .lnk payloads ☆76 Updated 3 years ago
- Run Cobalt Strike BOFs in Brute Ratel C4! ☆85 Updated 9 months ago
- Sniffing files generator ☆60 Updated 11 months ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc. ☆77 Updated 2 years ago
- Rewrite to fit my needs ☆32 Updated last year
- Extract registry and NTDS secrets from local or remote disk images ☆45 Updated 10 months ago
- Modified version of Impacket to use dynamic NTLMv2 Challenge/Response ☆20 Updated 3 years ago
- Bunch of BOF files ☆37 Updated 6 months ago
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on. ☆12 Updated last year
- Python module for running BOFs ☆79 Updated 2 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes, making it useless ☆39 Updated last year
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors. ☆15 Updated 2 years ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft ☆52 Updated last year
- An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data. ☆31 Updated 8 months ago
- Click Once + App Domain ☆64 Updated 2 years ago
- in-process powershell runner for BRC4 ☆48 Updated 2 years ago
- a variety of tools, scripts and techniques developed and shared with different programming languages by 0xsp Lab ☆64 Updated last year
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives. ☆92 Updated last year
- Windows Thread Pool Injection Havoc Implementation ☆33 Updated last year
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\, that contains the implant's path, and whenever powershell pro… ☆86 Updated 2 years ago