Wh04m1001 / SysmonEoPLinks
☆184Updated 2 years ago
Alternatives and similar repositories for SysmonEoP
Users that are interested in SysmonEoP are comparing it to the libraries listed below
Sorting:
- ☆162Updated 2 years ago
- A basic emulation of an "RPC Backdoor"☆241Updated 2 years ago
- Reuse open handles to dynamically dump LSASS.☆246Updated last year
- ☆113Updated 3 years ago
- POC tools for exploring SMB over QUIC protocol☆126Updated 3 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆147Updated 3 years ago
- Repository contains psexec, which will help to exploit the forgotten pipe☆171Updated 9 months ago
- ☆88Updated 3 years ago
- ☆248Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆299Updated 2 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆106Updated 2 years ago
- Github as C2 Demonstration , free API = free C2 Infrastructure☆140Updated 2 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆257Updated 2 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆186Updated 3 years ago
- Weaponized HellsGate/SigFlip☆199Updated 2 years ago
- RIPPL is a tool that abuses a usermode only exploit to manipulate PPL processes on Windows☆7Updated 3 years ago
- DLL Hijack Search Order Enumeration BOF☆149Updated 3 years ago
- Run Your Payload Without Running Your Payload☆180Updated 2 years ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆236Updated 2 years ago
- Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.☆115Updated 3 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆98Updated 2 years ago
- ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…☆164Updated 2 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆333Updated last year
- A BOF to automate common persistence tasks for red teamers☆284Updated 2 years ago
- AV/EDR evasion via direct system calls.☆108Updated last year
- Coerce Windows machines auth via MS-EVEN☆164Updated last year
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆224Updated 2 years ago
- Hookers are cooler than patches.☆170Updated 3 years ago
- ☆92Updated 2 years ago
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆194Updated 2 years ago