Tylous / Ivy
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatic access in the VBA object environment to load, decrypt and execute shellcode.
☆21 · Updated 2 years ago
Alternatives and similar repositories for Ivy
Users that are interested in Ivy are comparing it to the libraries listed below
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures. ☆39 · Updated 2 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors. ☆15 · Updated 2 years ago
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes. ☆62 · Updated last year
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL ☆22 · Updated 2 years ago
- Create PDFs with HTML smuggling attachments that save on opening the document. ☆30 · Updated 2 weeks ago
- Python module for running BOFs ☆71 · Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files. ☆85 · Updated 2 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine ☆85 · Updated 2 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection ☆56 · Updated 3 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level ☆26 · Updated 2 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc. ☆75 · Updated 2 years ago
- malleable profile generator GUI for Havoc ☆55 · Updated 2 years ago
- Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+ ☆33 · Updated 11 months ago
- This repo hosts a poc of how to execute F# code within an unmanaged process ☆68 · Updated last year
- load dumped csharp binaries as assemblies and launch them in memory ☆27 · Updated last year
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads. ☆39 · Updated 4 years ago
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on. ☆12 · Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire… ☆33 · Updated last year
- Scripts to interact with Microsoft Graph APIs ☆43 · Updated 8 months ago
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo… ☆32 · Updated 2 years ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries ☆30 · Updated 5 months ago
- Modified version of Impacket to use dynamic NTLMv2 Challenge/Response ☆19 · Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#. ☆31 · Updated last year
- IOXIDResolver from AirBus Security/PingCastle ☆51 · Updated 4 years ago
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler. ☆55 · Updated 4 years ago
- A care package of useful bofs for red team engagements ☆55 · Updated 7 months ago