VirtualAlllocEx / DSC_SVC_REMOTELinks
This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service path, etc. The payload itself can be remotely hosted, downloaded via the wininet library and then executed via direct system calls.
☆51Updated 2 years ago
Alternatives and similar repositories for DSC_SVC_REMOTE
Users that are interested in DSC_SVC_REMOTE are comparing it to the libraries listed below
Sorting:
- Lateral Movement via the .NET Profiler☆82Updated 7 months ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆85Updated 2 years ago
- in-process powershell runner for BRC4☆45Updated last year
- a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab☆63Updated 5 months ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆19Updated last year
- ☆59Updated last year
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆74Updated 2 years ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 9 months ago
- ☆48Updated 2 years ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆47Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆82Updated 8 months ago
- Modified versions of the Cobalt Strike Process Injection Kit☆95Updated last year
- Click Once + App Domain☆62Updated last year
- A repository with my code snippets for research/education purposes.☆50Updated last year
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆84Updated 2 years ago
- A third-party Gopher Assassin for the Havoc Framework.☆44Updated last year
- Some of the presentations, workshops, and labs I gave at public conferences.☆33Updated last month
- Rewrite to fit my needs☆28Updated 11 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Updated 4 months ago
- 「⚙️」Detect which native Windows API's (NtAPI) are being hooked☆38Updated 6 months ago
- ☆55Updated 8 months ago
- Run Cobalt Strike BOFs in Brute Ratel C4!☆67Updated 2 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆40Updated 8 months ago
- ☆107Updated 4 months ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆56Updated 3 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆100Updated 2 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 11 months ago
- Duplicate not owned Token from Running Process☆72Updated last year
- Items related to the RedELK workshop given at security conferences☆29Updated last year