WithSecureLabs / dotnet-gargoyle
A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique
☆52Updated 6 years ago
Alternatives and similar repositories for dotnet-gargoyle:
Users that are interested in dotnet-gargoyle are comparing it to the libraries listed below
- Loads .NET Assembly Via CLR Loader☆16Updated 6 years ago
- ☆18Updated 3 years ago
- DLL hijacking vulnerability scanner and PE infector tool☆18Updated 7 years ago
- AMSI detection PoC☆31Updated 5 years ago
- ☆21Updated 3 years ago
- POC code to crash Windows Event Logger Service☆26Updated 4 years ago
- Tool to manage user privileges☆28Updated 5 years ago
- ☆15Updated 5 years ago
- ☆28Updated 7 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆31Updated 2 years ago
- C# code to run PIC using CreateThread☆17Updated 6 years ago
- ☆11Updated 5 years ago
- A tool to create COM class/interface relationships in neo4j☆49Updated 2 years ago
- ☆14Updated 5 years ago
- My experience using Windows API for offensive purposes☆17Updated 3 years ago
- ☆45Updated 6 years ago
- Specialized tool to dump Position Independent Code.☆22Updated 4 years ago
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆19Updated 3 years ago
- Disable PPL via custom driver and dump lsass☆15Updated 4 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon☆10Updated 4 years ago
- ☆25Updated 2 years ago
- ☆48Updated 3 years ago
- Code that can be used to create/steal/manipulate token contexts in a program. Can be implemented into other C# projects.☆12Updated 6 years ago
- ☆16Updated 3 years ago
- ☆15Updated last year
- A C port of b33f's UrbanBishop☆38Updated 4 years ago
- Files for http://deniable.org/windows/windows-callbacks☆25Updated 4 years ago
- ☆31Updated 4 years ago
- Extended Process List (Search functionality)☆29Updated 4 years ago
- A library to parse, modify, and implement Malleable C2 profiles☆21Updated 6 years ago