Yair-Men / PassengerLinks
ProcExp Driver (Ab)use
☆22Updated 2 years ago
Alternatives and similar repositories for Passenger
Users that are interested in Passenger are comparing it to the libraries listed below
Sorting:
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Updated 2 years ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆84Updated 4 years ago
- ☆73Updated last year
- Aggressor script add-in for CobaltStrike to track file uploads☆48Updated 3 years ago
- Parses Cobalt Strike malleable C2 profiles.☆58Updated last week
- C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)☆60Updated 2 years ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆42Updated last year
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆27Updated 3 years ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆40Updated last year
- Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry☆29Updated 4 years ago
- Beacon Object Files (not Buffer Overflows)☆56Updated 2 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆102Updated last year
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆44Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆21Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Updated 2 years ago
- C# implementation of Get-AADIntSyncCredentials from AADInternals, which extracts Azure AD Connect credentials to AD and Azure AD from AAD…☆43Updated 2 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆117Updated last year
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆60Updated 3 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆85Updated 2 years ago
- C# Port of LdapRelayScan☆87Updated 3 years ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Updated 8 months ago
- SAM Dumping in C#☆54Updated 10 months ago
- ☆31Updated 3 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Updated 3 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Updated 2 years ago
- Using LNK files and user input simulation to start processes under explorer.exe☆27Updated last year
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆30Updated 2 years ago
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆90Updated 3 years ago
- EmbedExeLnk by x86matthew modified by d4rkiZ☆41Updated 2 years ago
- BypassCredGuard CS BOF☆47Updated 9 months ago