(PoC) Tiny Excel BIFF8 Generator, to Embedded 4.0 Macros in xls files without Excel.
☆44Aug 1, 2021Updated 4 years ago
Alternatives and similar repositories for xlsGen
Users that are interested in xlsGen are comparing it to the libraries listed below
Sorting:
- ☆133Jul 14, 2021Updated 4 years ago
- XDNR is a X0R Cryptor along with DEC/N0T/R0R encoder plus random byte insertion encoder, that generates null free encrypted and encoded s…☆17Jul 12, 2022Updated 3 years ago
- ☆15Feb 9, 2022Updated 4 years ago
- Managed code hooking template.☆134Nov 19, 2021Updated 4 years ago
- D/Invoke port of UrbanBishop☆108Jul 19, 2020Updated 5 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆469Mar 8, 2023Updated 2 years ago
- Beacon Object File PoC implementation of KillDefender☆236Apr 12, 2022Updated 3 years ago
- Chromium Cookie import / export tool☆311Jun 20, 2023Updated 2 years ago
- This is a 64 bit VBA implementation of Christophe Tafani-Dereeper's original VBA code described in his blog @ https://blog.christophetd.f…☆21Feb 2, 2020Updated 6 years ago
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke☆85Feb 26, 2023Updated 3 years ago
- Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets☆48Aug 4, 2021Updated 4 years ago
- simple C# portscanner - written for playing around with Metasploit's Execute-Assembly☆10Jul 1, 2023Updated 2 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆123May 22, 2021Updated 4 years ago
- RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …☆501Jan 25, 2022Updated 4 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Aug 8, 2022Updated 3 years ago
- ☆184Jul 2, 2022Updated 3 years ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆744Aug 18, 2023Updated 2 years ago
- Etwti-UnhookPOC just for test☆12Aug 23, 2022Updated 3 years ago
- My (OLD) RE Take On The Faux Green Petya Ransomware Builder & Client.☆20Jul 8, 2021Updated 4 years ago
- ansible roles to download and install empire (BC-Security),deathstar(byt3bl33der) and starkiller (BC-Security)☆24May 8, 2022Updated 3 years ago
- LittleCorporal: A C# Automated Maldoc Generator☆228Jul 30, 2021Updated 4 years ago
- Koppeling x Metatwin x LazySign☆216Aug 26, 2021Updated 4 years ago
- ☆121Jun 17, 2022Updated 3 years ago
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆59Dec 15, 2023Updated 2 years ago
- ☆71Nov 20, 2020Updated 5 years ago
- DarkRat source - beware untested source and resources.☆21Dec 7, 2019Updated 6 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 2 years ago
- Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows☆143Jul 11, 2020Updated 5 years ago
- A little scanner to check the LDAP Signing state☆46Aug 2, 2021Updated 4 years ago
- PoCs of (outdated) privilege escalation vulnerability☆12Dec 31, 2024Updated last year
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- A collection of scripts used to support an OffSecOps pipeline.☆15Jan 31, 2021Updated 5 years ago
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆140Nov 4, 2020Updated 5 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆101Mar 27, 2022Updated 3 years ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆95Aug 1, 2022Updated 3 years ago
- Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t…☆457Oct 25, 2021Updated 4 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆186Jul 21, 2022Updated 3 years ago