abelcheung / rifiuti2
Windows Recycle Bin analyser
☆142 · Updated 6 months ago
Related projects
Alternatives and complementary repositories for rifiuti2
- PowerShell script for enumerating vulnerable DCOM Applications ☆254 · Updated 5 years ago
- Parse evtx files and detect use of the DanderSpritz eventlogedit module ☆147 · Updated 6 years ago
- Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool ☆160 · Updated last year
- exe2powershell - exe2bat reborn for modern Windows ☆167 · Updated 4 years ago
- Windows UAC Bypass ☆96 · Updated 5 years ago
- Dump various types of Windows credentials without injecting in any process. ☆417 · Updated last year
- Encode PowerShell payload into bat files ☆146 · Updated 6 years ago
- Windows RID Hijacking persistence technique ☆165 · Updated 2 years ago
- How To Execute Shellcode via HTA ☆135 · Updated 6 years ago
- The oledump-contrib repository contains plugins and enhancements for the oledump tool published by Didier Stevens. ☆52 · Updated 8 years ago
- Python tool to inject fake updates into unencrypted WSUS traffic ☆116 · Updated 9 years ago
- Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017) ☆102 · Updated 3 years ago
- This project is just a dumping ground for random scripts I've developed. ☆137 · Updated 2 months ago
- Active Directory forensic framework ☆319 · Updated 2 years ago
- Netview enumerates systems using WinAPI calls ☆289 · Updated 2 years ago
- UAC Bypass with mmc via alpc ☆155 · Updated 5 years ago
- Uses Invoke-Shellcode to execute a payload and persist on the system. ☆111 · Updated 7 years ago
- A PoC WMI backdoor presented at Black Hat 2015 ☆269 · Updated 9 years ago
- Allows you to quickly query a Windows machine for RAM artifacts ☆218 · Updated 4 years ago
- MSBuildShell, a PowerShell Host running within MSBuild.exe ☆282 · Updated 5 years ago
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host. ☆319 · Updated 7 years ago
- Web-based check for Windows privesc vulnerabilities ☆138 · Updated last year
- PowerShell oneliner to retrieve wdigest passwords from the memory ☆218 · Updated 6 years ago
- OFFICE DDEAUTO Payload Generation script ☆125 · Updated 3 years ago
- ☆118 · Updated 9 years ago
- ObfuscatedEmpire is a fork of Empire with Invoke-Obfuscation integrated directly into its functionality. ☆229 · Updated 6 years ago
- Remove individual lines from Windows XML Event Log (EVTX) files ☆260 · Updated 3 years ago