Tylous / Ivy
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by using programmatic access to the VBA object environment to load, decrypt and execute shellcode.
☆24 Updated 2 years ago
Alternatives and similar repositories for Ivy
Users that are interested in Ivy are comparing it to the libraries listed below
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures. ☆39 Updated 3 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files. ☆88 Updated 2 years ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL ☆23 Updated 3 years ago
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes. ☆67 Updated 2 years ago
- Items related to the RedELK workshop given at security conferences ☆29 Updated 2 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc. ☆76 Updated 2 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine ☆84 Updated 2 years ago
- Python module for running BOFs ☆74 Updated 2 years ago
- Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+ ☆34 Updated last year
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors. ☆15 Updated 2 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection ☆56 Updated 3 years ago
- Sniffing files generator ☆59 Updated 8 months ago
- Modified version of Impacket to use dynamic NTLMv2 Challenge/Response ☆19 Updated 2 years ago
- PowerSploit - A PowerShell Post-Exploitation Framework ☆42 Updated 7 months ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft ☆50 Updated last year
- Small project to facilitate creation of .lnk payloads ☆75 Updated 3 years ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog … ☆87 Updated 2 years ago
- An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data. ☆28 Updated 6 months ago
- C# havoc implant ☆101 Updated 2 years ago
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc… ☆55 Updated 2 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process ☆70 Updated last year
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be… ☆21 Updated 2 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队 ☆52 Updated 5 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level ☆26 Updated 3 years ago
- A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace. ☆21 Updated 3 years ago
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll, kernel32.dll, user32.dll, and kernelbase.dll) ☆25 Updated 2 years ago
- A care package of useful bofs for red team engagements ☆55 Updated 11 months ago
- Unchain AMSI by patching the provider’s unmonitored memory space ☆91 Updated 2 years ago