Tylous / IvyLinks
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
☆21Updated 2 years ago
Alternatives and similar repositories for Ivy
Users that are interested in Ivy are comparing it to the libraries listed below
Sorting:
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL☆22Updated 2 years ago
- Simple .NET loader for loading and executing Powershell payloads☆17Updated 3 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆26Updated 2 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆15Updated 2 years ago
- Scripts to interact with Microsoft Graph APIs☆42Updated 7 months ago
- ☆48Updated 2 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 11 months ago
- Create PDFs with HTML smuggling attachments that save on opening the document.☆29Updated 2 years ago
- Generate Apache mod_rewrite rules for Mythic C2 profiles☆31Updated 3 years ago
- Click Once + App Domain☆62Updated last year
- Extension functionality for the NightHawk operator client☆27Updated last year
- Rewrite to fit my needs☆28Updated 11 months ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Updated 2 years ago
- A VSCode devcontainer for development of COFF files with batteries included.☆49Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆84Updated 2 years ago
- Tool to aid in dumping LSASS process remotely☆40Updated 11 months ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆33Updated last year
- load dumped csharp binaries as assemblies and launch them in memory☆27Updated last year
- ☆38Updated 3 years ago
- ☆25Updated 3 years ago
- Items related to the RedELK workshop given at security conferences☆29Updated last year
- Excel Add In Payload Generator☆11Updated last year
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆74Updated 2 years ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated last year
- ☆59Updated last year
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆50Updated 5 months ago
- SAM Dumping in C#☆48Updated 5 months ago
- A pure C version of SymProcAddress☆27Updated last year
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆54Updated 5 years ago