blackarrowsec/Handly external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

blackarrowsec/Handly

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/blackarrowsec/Handly)

Close

blackarrowsec / HandlyView on GitHubMore

• External links
• Readme badge

Abuse leaked token handles.

☆136Dec 14, 2023Updated 2 years ago

Alternatives and similar repositories for Handly

Users that are interested in Handly are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• dmcxblue / SharpGhostTask

  View on GitHub
  A C# port from Invoke-GhostTask
  ☆121Jan 5, 2024Updated 2 years ago
• kyleavery / pendulum

  View on GitHub
  Linux Sleep Obfuscation
  ☆117Jan 7, 2024Updated 2 years ago
• Bl4ckM1rror / PEAs

  View on GitHub
  ☆60Dec 15, 2023Updated 2 years ago
• fin3ss3g0d / NativeThreadpool

  View on GitHub
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆89Feb 11, 2024Updated 2 years ago
• Maldev-Academy / Christmas

  View on GitHub
  PoC demonstrating a multi process injection chain aimed at remotely executing shellcode
  ☆261Jan 21, 2024Updated 2 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• OtterHacker / SetProcessInjection

  View on GitHub
  ☆156Oct 2, 2023Updated 2 years ago
• 0xEr3bus / PoolPartyBof

  View on GitHub
  A beacon object file implementation of PoolParty Process Injection Technique.
  ☆449Dec 21, 2023Updated 2 years ago
• CICADA8-Research / RemoteKrbRelay

  View on GitHub
  Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
  ☆648May 8, 2025Updated last year
• rad9800 / WTSRM2

  View on GitHub
  ☆164Dec 30, 2022Updated 3 years ago
• foxlox / GIUDA

  View on GitHub
  Ask a TGS on behalf of another user without password
  ☆481Mar 30, 2025Updated last year
• rkbennett / icmpsh

  View on GitHub
  Simple reverse ICMP shell
  ☆14Apr 30, 2024Updated 2 years ago
• codewhitesec / Lastenzug

  View on GitHub
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆234Oct 18, 2022Updated 3 years ago
• binderlabs / DirCreate2System

  View on GitHub
  Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
  ☆365Dec 19, 2022Updated 3 years ago
• ewby / Mockingjay_BOF

  View on GitHub
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆159Nov 7, 2023Updated 2 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• Dec0ne / DavRelayUp

  View on GitHub
  DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …
  ☆573Jun 5, 2023Updated 3 years ago
• kleiton0x00 / Proxy-DLL-Loads

  View on GitHub
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆411Jan 11, 2026Updated 4 months ago
• lap1nou / CLR_Heap_encryption

  View on GitHub
  ☆103Oct 7, 2023Updated 2 years ago
• rasta-mouse / CsWhispers

  View on GitHub
  Source generator to add D/Invoke and indirect syscall methods to a C# project.
  ☆194Mar 4, 2024Updated 2 years ago
• MzHmO / TGSThief

  View on GitHub
  My implementation of the GIUDA project in C++
  ☆189Jul 25, 2023Updated 2 years ago
• Mr-Un1k0d3r / .NetConfigLoader

  View on GitHub
  .net config loader
  ☆351Nov 9, 2023Updated 2 years ago
• MalwareTech / EDRception

  View on GitHub
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆203Dec 27, 2023Updated 2 years ago
• YOLOP0wn / POSTDump

  View on GitHub
  ☆345Nov 10, 2025Updated 6 months ago
• decoder-it / ADCSCoercePotato

  View on GitHub
  ☆248May 5, 2024Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• leftp / DPAPISnoop

  View on GitHub
  A C# tool to output crackable DPAPI hashes from user MasterKeys
  ☆141Sep 14, 2024Updated last year
• hackerhouse-opensource / SignToolEx

  View on GitHub
  Patching "signtool.exe" to accept expired certificates for code-signing.
  ☆346Feb 2, 2026Updated 4 months ago
• decoder-it / DFSCoerce-exe-2

  View on GitHub
  DFSCoerce exe revisited version with custom authentication
  ☆43Jan 13, 2024Updated 2 years ago
• ipSlav / DirtyCLR

  View on GitHub
  An App Domain Manager Injection DLL PoC on steroids
  ☆214Dec 14, 2023Updated 2 years ago
• nettitude / ETWHash

  View on GitHub
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆262May 10, 2023Updated 3 years ago
• Mr-Un1k0d3r / Cookie-and-Handle-Stealer

  View on GitHub
  C or BOF file to extract WebKit master key to decrypt user cookie
  ☆208Apr 29, 2024Updated 2 years ago
• netero1010 / GhostTask

  View on GitHub
  A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
  ☆628Jan 2, 2025Updated last year
• xpn / OktaPostExToolkit

  View on GitHub
  ☆200Nov 21, 2024Updated last year
• HuskyHacks / SharpTokenFinder

  View on GitHub
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆147Feb 1, 2026Updated 4 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• wh0amitz / S4UTomato

  View on GitHub
  Escalate Service Account To LocalSystem via Kerberos
  ☆403Sep 14, 2023Updated 2 years ago
• sokaRepo / CoercedPotatoRDLL

  View on GitHub
  Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
  ☆227Nov 23, 2023Updated 2 years ago
• bohops / DynamicDotNet

  View on GitHub
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆145May 18, 2024Updated 2 years ago
• senzee1984 / InflativeLoading

  View on GitHub
  Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
  ☆326Apr 12, 2024Updated 2 years ago
• garrettfoster13 / sccmhunter

  View on GitHub
  SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…
  ☆918Updated this week
• MzHmO / NtlmThief

  View on GitHub
  Extracting NetNTLM without touching lsass.exe
  ☆244Nov 27, 2023Updated 2 years ago
• FalconForceTeam / SOAPHound

  View on GitHub
  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
  ☆883Feb 3, 2024Updated 2 years ago