Wh04m1001 / MSIExecEoP
Arbitrary File Delete in Windows Installer before 10.0.19045.2193
☆29Updated 2 years ago
Alternatives and similar repositories for MSIExecEoP:
Users that are interested in MSIExecEoP are comparing it to the libraries listed below
- Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV☆26Updated 2 years ago
- ☆29Updated 2 years ago
- ☆26Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆52Updated last year
- ☆88Updated 2 years ago
- ☆39Updated 2 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆68Updated 2 years ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆26Updated 2 years ago
- Sliver agent rewritten in C++☆44Updated 6 months ago
- ☆47Updated 2 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Updated 2 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆79Updated 2 years ago
- A spin-off research project. Cobalt Strike x Notion collab 2022☆53Updated 2 years ago
- C# implementation of Shellcode delivery techniques using PInvoke and DInvoke variations for API calling.☆35Updated 3 years ago
- Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly()☆34Updated 4 years ago
- I have documented all of the AMSI patches that I learned till now☆74Updated last year
- Dell Driver EoP (CVE-2021-21551)☆32Updated 3 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆68Updated last year
- BYOVD collection☆23Updated last year
- ☆82Updated 3 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆99Updated last year
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆85Updated 2 years ago
- ☆28Updated 2 years ago
- ☆62Updated 2 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Updated 3 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆64Updated last year
- Plantronics Desktop Hub LPE☆37Updated 10 months ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆39Updated last year
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆52Updated 3 years ago
- Beacon Object Files.☆35Updated last year