Tylous / Ivy
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy's loader does this by using programmatic access to the VBA object environment to load, decrypt and execute shellcode.
☆20 Updated 2 years ago
Alternatives and similar repositories for Ivy:
Users that are interested in Ivy are comparing it to the libraries listed below
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors. ☆14 Updated 2 years ago
- Rewrite to fit my needs ☆27 Updated 9 months ago
- Simple .NET loader for loading and executing PowerShell payloads ☆16 Updated 3 years ago
- Socks4a proxy leveraging PIC, WebSockets and static obfuscation on assembly level ☆26 Updated 2 years ago
- HelpSystems Nanodump, but wrapped in PowerShell via Invoke-ReflectivePEInjection ☆55 Updated 3 years ago
- SharpExShell automates the DCOM lateral movement technique which abuses the ActivateMicrosoftApp method of the Excel application. ☆70 Updated 11 months ago
- Click Once + App Domain ☆61 Updated last year
- Proof of Concept code and samples presenting the emerging threat of MSI installer files. ☆81 Updated 2 years ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL ☆21 Updated 2 years ago
- Bunch of BOF files ☆30 Updated 4 months ago
- ☆48 Updated last year
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain ☆33 Updated last year
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc. ☆74 Updated 2 years ago
- A simple PoC showcasing the ability of an admin to suspend EDR's protected processes, making it useless ☆38 Updated 9 months ago
- A care package of useful BOFs for red team engagements ☆55 Updated 4 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire… ☆33 Updated 10 months ago
- Python module for running BOFs ☆70 Updated last year
- SAM Dumping in C# ☆48 Updated 3 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries ☆26 Updated 2 months ago
- Some of the presentations, workshops, and labs I gave at public conferences. ☆33 Updated 7 months ago
- Python3 rewrite of AsOutsider features of AADInternals ☆44 Updated 4 months ago
- ☆17 Updated 6 months ago
- Items related to the RedELK workshop given at security conferences ☆29 Updated last year
- Sniffing files generator ☆54 Updated 2 months ago
- ☆59 Updated last year
- A VSCode devcontainer for development of COFF files with batteries included. ☆48 Updated last year
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures. ☆39 Updated 2 years ago
- HTML smuggling is not an evil, it can be useful ☆13 Updated 2 years ago
- Create PDFs with HTML smuggling attachments that save on opening the document. ☆29 Updated last year
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute ☆21 Updated 10 months ago