aress31 / clm-routLinks
A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.
☆20Updated 3 years ago
Alternatives and similar repositories for clm-rout
Users that are interested in clm-rout are comparing it to the libraries listed below
Sorting:
- PowerSploit - A PowerShell Post-Exploitation Framework☆42Updated 7 months ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆69Updated last year
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆91Updated 3 years ago
- Bypass AMSI via PowerShell by splitting a file into multiple chunks☆53Updated 4 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Updated 3 years ago
- A curated list of tools and techniques written from experience in weaponization of malware☆37Updated last year
- Simple tool to perform HTML Smuggling.☆68Updated 4 years ago
- ☆47Updated 3 years ago
- ☆74Updated 4 months ago
- Token Elevation to authorized user as SYSTEM or Domain Admins☆24Updated 2 years ago
- Small project to facilitate creation of .lnk payloads☆73Updated 2 years ago
- A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools☆88Updated 2 years ago
- Bypass AMSI By Dividing files into multiple smaller files☆46Updated 2 years ago
- Slide decks and/or materials from conference presentations☆56Updated 2 years ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆87Updated last year
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.☆40Updated 4 years ago
- ☆27Updated 4 years ago
- Weaponising C# - Fundamentals Training Content☆70Updated 4 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆56Updated 3 years ago
- C# havoc implant☆101Updated 2 years ago
- AMSI Bypass for powershell☆29Updated 3 years ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.☆122Updated 3 years ago
- Scripts for public use that we've randomly written, or have updated from other people's work.☆40Updated last year
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆24Updated 2 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆88Updated 3 years ago
- Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.☆98Updated last year
- C# .Net Framework program that uses RunspaceFactory for Powershell command execution.☆20Updated 2 years ago
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…☆84Updated 2 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆57Updated 3 years ago
- Get Fine Grained Password Policy☆76Updated 6 months ago