alexlee820 / PatchedCLRLoaderLinks
.NET assembly loader with patching AMSI and ETW bypass
☆26Updated last month
Alternatives and similar repositories for PatchedCLRLoader
Users that are interested in PatchedCLRLoader are comparing it to the libraries listed below
Sorting:
- .NET assembly loader with patchless AMSI and ETW bypass in Rust☆49Updated 7 months ago
- A python script that automates a C2 Profile build☆41Updated 2 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆96Updated 2 months ago
- Impersonate Tokens using only NTAPI functions☆73Updated 2 months ago
- ☆55Updated 3 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆76Updated 3 months ago
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆83Updated last month
- 🧠 The ultimate, community-curated resource for Beacon Object Files (BOFs) — tutorials, how-tos, deep dives, and reference materials.☆69Updated last month
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆49Updated last month
- ☆111Updated 4 months ago
- A Mythic agent for Windows written in C☆122Updated last week
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆91Updated 3 weeks ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆46Updated 3 weeks ago
- ☆45Updated last month
- Tool to bypass LSA Protection (aka Protected Process Light)☆53Updated 5 months ago
- ☆96Updated 9 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆73Updated 9 months ago
- Mockingjay process self injection POC☆32Updated last year
- Execute commands interactively on remote Windows machines using the WinRM protocol☆63Updated this week
- ☆107Updated 3 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆115Updated 2 months ago
- ☆136Updated last month
- AzureAD beacon object files☆119Updated 5 months ago
- ☆49Updated this week
- Cortex EDR Ransomware protection Bypass☆24Updated 3 months ago
- Windows Thread Pool Injection Havoc Implementation☆30Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆121Updated 8 months ago
- Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.☆37Updated 6 months ago
- A collection of position independent coding resources☆78Updated 3 months ago
- a C# implementation for a shellcode loader that capable to bypass Cortex XDR and Sophos EDR.☆30Updated last week