VirtualAlllocEx / DSC_SVC_REMOTE
This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service path, etc. The payload itself can be remotely hosted, downloaded via the wininet library and then executed via direct system calls.
☆55 · Updated 2 years ago
Alternatives and similar repositories for DSC_SVC_REMOTE
Users that are interested in DSC_SVC_REMOTE are comparing it to the libraries listed below
- A variety of tools, scripts and techniques developed and shared with different programming languages by 0xsp Lab ☆64 · Updated 9 months ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine ☆84 · Updated 2 years ago
- ☆60 · Updated last year
- Identify and exploit leaked handles for local privilege escalation. ☆110 · Updated 2 years ago
- Just another ntdll unhooking using Parun's Fart technique ☆75 · Updated 2 years ago
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally … ☆89 · Updated 3 years ago
- A care package of useful bofs for red team engagements ☆55 · Updated 10 months ago
- 「⚙️」Detect which native Windows APIs (NtAPI) are being hooked ☆38 · Updated 10 months ago
- A method to execute shellcode using RegisterWaitForInputIdle API. ☆55 · Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files. ☆88 · Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process ☆90 · Updated 3 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space ☆91 · Updated 2 years ago
- Run Cobalt Strike BOFs in Brute Ratel C4! ☆71 · Updated 6 months ago
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\, that contains the implant's path, and whenever powershell pro… ☆84 · Updated 2 years ago
- C# havoc implant ☆101 · Updated 2 years ago
- DLL Exports Extraction BOF with optional NTFS transactions. ☆83 · Updated 3 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature ☆102 · Updated 2 years ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms ☆130 · Updated 2 years ago
- Reasonably undetected shellcode stager and executor. ☆37 · Updated 4 months ago
- ☆47 · Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#. ☆31 · Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump ☆83 · Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol… ☆69 · Updated last year
- In-process powershell runner for BRC4 ☆47 · Updated last year
- ☆48 · Updated 2 years ago
- Malleable profile generator GUI for Havoc ☆55 · Updated 2 years ago
- EvtPsst ☆55 · Updated last year
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog … ☆87 · Updated last year
- Python module for running BOFs ☆74 · Updated 2 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section ☆106 · Updated 2 years ago