ZephrFish / HelloJackHunterLinks
Research into WinSxS binaries and finding hijackable paths
☆28Updated last month
Alternatives and similar repositories for HelloJackHunter
Users that are interested in HelloJackHunter are comparing it to the libraries listed below
Sorting:
- Tool to aid in dumping LSASS process remotely☆39Updated 10 months ago
- ☆29Updated last year
- BOF to decrypt Signal Desktop chat logs☆65Updated 3 months ago
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆39Updated 2 weeks ago
- remote process injections using pool party techniques☆60Updated 3 months ago
- ☆23Updated 3 months ago
- ☆52Updated 5 months ago
- ☆99Updated last year
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆55Updated 2 months ago
- Tool to bypass LSA Protection (aka Protected Process Light)☆53Updated 5 months ago
- Section-based payload obfuscation technique for x64☆59Updated 9 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique.☆42Updated 3 weeks ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆59Updated 3 months ago
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.☆27Updated 11 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆82Updated 7 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆49Updated 4 months ago
- ☆62Updated 4 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆60Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆75Updated 2 years ago
- Linker for Beacon Object Files☆70Updated this week
- ☆55Updated 7 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆47Updated 3 weeks ago
- Bypassing Amsi using LdrLoadDll☆44Updated 4 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆70Updated last year
- Sleep Obfuscation☆45Updated 2 years ago
- Execute dotnet app from unmanaged process☆75Updated 5 months ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated 9 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆77Updated 3 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆24Updated last month
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆62Updated last year