buldansec / EnableEFSLinks
Enable EFS service as low priv user (PE & BOF)
☆20Updated 3 months ago
Alternatives and similar repositories for EnableEFS
Users that are interested in EnableEFS are comparing it to the libraries listed below
Sorting:
- BOF to decrypt Signal Desktop chat logs☆73Updated 8 months ago
- BOF to terminate a process via PID as argument☆27Updated last month
- A bunch of shenanigans using functions, VEH and more☆36Updated 4 months ago
- an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code☆21Updated 8 months ago
- early cascade injection PoC based on Outflanks blog post, in rust☆60Updated 11 months ago
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆23Updated 2 years ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆56Updated 6 months ago
- Arsenal of modules to beacon postex formats like BOF/Shellcode including: dotnet in memory execution, dumps (wifi, clipboard, screenshot,…☆45Updated this week
- ☆30Updated 9 months ago
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆14Updated 4 months ago
- Proxy function calls through the thread pool with ease☆30Updated 8 months ago
- Lurker is a cross-platform, companion implant to Cobalt Strike built with Go☆33Updated last month
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Updated 7 months ago
- ☆38Updated 6 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆76Updated 2 months ago
- Bunch of BOF files☆35Updated 3 months ago
- bring your own clean ntdll (or other MS dlls)☆28Updated 3 months ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Updated 8 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆61Updated last year
- A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.☆32Updated 2 months ago
- Load and execute a common object file format (COFF) in the current process☆31Updated last year
- BOF for C2 framework☆44Updated 11 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Updated 9 months ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆81Updated 3 months ago
- Event Tracing for Windows EDR bypass in Rust (usermode)☆31Updated last year
- macOS dylib stager☆36Updated 9 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆30Updated 6 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆74Updated last year
- Post-Ex BOF tooling for Hannibal☆24Updated 11 months ago
- A work in progress BOF/COFF loader in Rust☆50Updated 2 years ago