X-C3LL / SharpNTLMRawUnHide
C# version of NTLMRawUnHide
β72Updated 2 years ago
Alternatives and similar repositories for SharpNTLMRawUnHide:
Users that are interested in SharpNTLMRawUnHide are comparing it to the libraries listed below
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flaggedβ86Updated 2 years ago
- Enumerate information from NTLM authentication enabled web endpoints πβ35Updated last year
- A care package of useful bofs for red team engagmentsβ55Updated 4 months ago
- Click Once + App Domainβ61Updated last year
- β62Updated 2 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjectionβ55Updated 3 years ago
- β38Updated 2 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows APIβ85Updated 2 years ago
- Windows Persistence Toolkit in C#β36Updated 2 years ago
- β86Updated 3 years ago
- Unchain AMSI by patching the providerβs unmonitored memory spaceβ90Updated 2 years ago
- β88Updated 2 years ago
- Run Cobalt Strike BOFs in Brute Ratel C4!β65Updated last week
- β75Updated 2 years ago
- β58Updated 3 years ago
- Beacon Object File allowing creation of Beacons in different sessions.β80Updated 2 years ago
- SuperSharpShares is a tool designed to automate enumerating domain shares, allowing for quick verification of accessible shares by your aβ¦β73Updated 11 months ago
- Modified versions of the Cobalt Strike Process Injection Kitβ94Updated last year
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publisheβ¦β51Updated 2 years ago
- Beacon Object Files (not Buffer Overflows)β54Updated 2 years ago
- β93Updated 2 years ago
- .NET project for installing Persistenceβ64Updated 3 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.β74Updated 2 years ago
- WhoAmI by asking the LDAP service on a domain controller.β62Updated 3 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOFβ94Updated 3 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.β39Updated last year
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback funcβ¦β86Updated 2 years ago
- C# Port of LdapRelayScanβ81Updated 3 years ago
- Lockless BOFβ71Updated last week
- Grab unsaved Notepad contents with a Beacon Object Fileβ51Updated 2 years ago