ZeroPointSecurity / PInvoke
☆49Updated 5 months ago
Related projects ⓘ
Alternatives and complementary repositories for PInvoke
- ☆122Updated 11 months ago
- Lateral Movement via the .NET Profiler☆76Updated this week
- ☆83Updated 6 months ago
- Find DLLs with RWX section☆75Updated last year
- �☆118Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆73Updated last month
- I have documented all of the AMSI patches that I learned till now☆68Updated last year
- Simple BOF to read the protection level of a process☆104Updated last year
- ☆104Updated this week
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆111Updated last year
- ☆61Updated 2 years ago
- ☆96Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆88Updated 10 months ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆78Updated last year
- Implant drop-in for EDR testing☆128Updated last year
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆75Updated last year
- ☆133Updated last year
- ☆59Updated 4 months ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆77Updated last year
- ☆73Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆58Updated 8 months ago
- Beacon Object File allowing creation of Beacons in different sessions.☆76Updated 2 years ago
- Host CLR and run .NET binaries using Rust☆61Updated 3 weeks ago
- My implementation of Halo's Gate technique in C#☆53Updated 2 years ago
- A C# Solution Source Obfuscator for avoiding AV signatures with minimal user interaction. Powered by the Roslyn C# library.☆70Updated 4 years ago