Wh1t3Rh1n0 / PECheckView external linksLinks
A tool to verify and create PE Checksums for Portable Executable (PE) files.
☆56Jun 14, 2023Updated 2 years ago
Alternatives and similar repositories for PECheck
Users that are interested in PECheck are comparing it to the libraries listed below
Sorting:
- rust port of pspy with support for process monitoring over dbus☆35Jan 4, 2026Updated last month
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆11May 17, 2024Updated last year
- ☆48May 12, 2021Updated 4 years ago
- A lexer and parser for Sleep☆20May 14, 2025Updated 9 months ago
- ☆160Mar 27, 2023Updated 2 years ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆43Mar 25, 2025Updated 10 months ago
- TokenCert☆102Nov 15, 2024Updated last year
- C or BOF file to extract WebKit master key to decrypt user cookie☆207Apr 29, 2024Updated last year
- I have documented all of the AMSI patches that I learned till now☆75Nov 4, 2025Updated 3 months ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆146May 18, 2024Updated last year
- A C# project that builds a Web Application which redirects all HTTPS☆26Feb 11, 2025Updated last year
- Nemesis agent for Mythic☆28Dec 11, 2025Updated 2 months ago
- Mythic C2 Agent written in x64 PIC C☆84Jan 29, 2025Updated last year
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆285Jun 8, 2023Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆117Oct 21, 2023Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆671Aug 15, 2025Updated 6 months ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated last year
- ☆43Jan 2, 2023Updated 3 years ago
- COFF file (BOF) for managing Kerberos tickets.☆321Jul 2, 2023Updated 2 years ago
- Lateral Movement Using DCOM and DLL Hijacking☆325Jun 18, 2023Updated 2 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆138Sep 12, 2022Updated 3 years ago
- ☆47Feb 11, 2023Updated 3 years ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆273Dec 27, 2024Updated last year
- PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph☆24Aug 2, 2025Updated 6 months ago
- AWSDoor is a red team automation tool designed to simulate advanced attacker behavior in AWS environments☆30Sep 17, 2025Updated 4 months ago
- POC tool to abuse windows server failover clusters☆54Aug 7, 2025Updated 6 months ago
- PoC XLL builder in Python/Nim☆49Nov 21, 2022Updated 3 years ago
- Sliver extension performing TCP redirection tasks without performing cross-process injection.☆68Jan 14, 2025Updated last year
- ☆125Dec 12, 2025Updated 2 months ago
- Tools for interacting with authentication packages using their individual message protocols☆368Feb 1, 2026Updated 2 weeks ago
- Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).☆187Feb 12, 2023Updated 3 years ago
- ☆83Nov 1, 2023Updated 2 years ago
- ☆124May 12, 2021Updated 4 years ago
- ☆154Mar 26, 2025Updated 10 months ago
- A self-hosted Armory implementation.☆21Jan 1, 2026Updated last month
- ☆146Nov 6, 2025Updated 3 months ago
- ☆33Mar 19, 2025Updated 10 months ago
- AAD related enumeration in Nim☆132Sep 7, 2023Updated 2 years ago
- ☆46Jun 21, 2023Updated 2 years ago