Tylous / Ivy
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
☆21 Updated 2 years ago
Alternatives and similar repositories for Ivy
Users that are interested in Ivy are comparing it to the libraries listed below
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL ☆21 Updated 2 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors. ☆14 Updated 2 years ago
- Create PDFs with HTML smuggling attachments that save on opening the document. ☆29 Updated last year
- Rewrite to fit my needs ☆28 Updated 10 months ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files. ☆83 Updated 2 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures. ☆39 Updated 2 years ago
- Simple .NET loader for loading and executing Powershell payloads ☆17 Updated 3 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes, making it useless ☆38 Updated 10 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries ☆29 Updated 4 months ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level ☆26 Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#. ☆31 Updated last year
- Items related to the RedELK workshop given at security conferences ☆29 Updated last year
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc. ☆74 Updated 2 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine ☆85 Updated 2 years ago
- SharpExShell automates the DCOM lateral movement technique which abuses ActivateMicrosoftApp method of Excel application. ☆70 Updated last year
- Click Once + App Domain ☆62 Updated last year
- ☆40 Updated this week
- An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data. ☆23 Updated 2 weeks ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives. ☆50 Updated 4 months ago
- Example of using Sleep to create better named pipes. ☆41 Updated last year
- ☆48 Updated last year
- ☆48 Updated 2 years ago
- HTML smuggling is not an evil, it can be useful ☆13 Updated 2 years ago
- Python module for running BOFs ☆70 Updated last year
- ☆59 Updated last year
- Bypassing Amsi using LdrLoadDll ☆44 Updated 4 months ago
- Bunch of BOF files ☆32 Updated 5 months ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队 ☆53 Updated 5 years ago
- Some of the presentations, workshops, and labs I gave at public conferences. ☆33 Updated last month
- Extension functionality for the NightHawk operator client ☆27 Updated last year