Wh1t3Rh1n0 / PECheck
A tool to verify and create PE Checksums for Portable Executable (PE) files.
☆50 Updated last year
Related projects
Alternatives and complementary repositories for PECheck
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft ☆134 Updated 5 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi! ☆80 Updated 4 months ago
- A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications.… ☆73 Updated 3 weeks ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies ☆114 Updated 5 months ago
- Slide decks and/or materials from conference presentations ☆54 Updated last year
- ☆83 Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files. ☆77 Updated last year
- Living Off the Foreign Land setup scripts ☆62 Updated 2 weeks ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later ☆89 Updated last year
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post ☆86 Updated 2 years ago
- ☆125 Updated 3 months ago
- Python module for running BOFs ☆64 Updated last year
- Find DLLs with RWX section ☆75 Updated last year
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle… ☆104 Updated 6 months ago
- D/Invoke standalone shellcode runners ☆37 Updated 11 months ago
- Small project to facilitate creation of .lnk payloads ☆62 Updated last year
- ☆108 Updated 3 years ago
- Find .net assemblies locally ☆88 Updated 2 years ago
- Async Python library to parse local and remote disk images. ☆75 Updated 2 months ago
- ☆68 Updated last year
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub. ☆101 Updated last year
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading ☆83 Updated last year
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg ☆47 Updated 8 months ago
- ☆73 Updated 6 months ago
- ☆66 Updated 3 months ago
- Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk, plus functions and strings obfuscation ☆29 Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process ☆85 Updated 2 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process ☆65 Updated 4 months ago
- Do some DLL SideLoading magic ☆74 Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes, making it useless ☆39 Updated 4 months ago