Folder Or File Delete to Get System Shell on Current Session Desktop
☆47Jan 14, 2025Updated last year
Alternatives and similar repositories for FilesystemEoPDesktopSystemShell
Users that are interested in FilesystemEoPDesktopSystemShell are comparing it to the libraries listed below
Sorting:
- Some stuff for PHD2021☆14May 21, 2025Updated 9 months ago
- A Reflective Loader for macOS☆147Jul 20, 2025Updated 7 months ago
- 一款基于James Forshaw的.NET Remoting反序列化工具升级版在TypeFilterLevel.Low模式无文件payload任意代码执行poc的开发心得☆48Jan 23, 2025Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆214Oct 19, 2024Updated last year
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.☆29Jun 9, 2025Updated 8 months ago
- ☆53Sep 23, 2025Updated 5 months ago
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 7 months ago
- Windows rootkit designed to work with BYOVD exploits☆216Jan 18, 2025Updated last year
- A set of tools and exploits to cause DoS for remote Windows Server & Windows 11 machines☆32Feb 9, 2026Updated 2 weeks ago
- A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering☆43Jun 10, 2025Updated 8 months ago
- ☆198Mar 28, 2025Updated 10 months ago
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 10 months ago
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆334Mar 6, 2025Updated 11 months ago
- Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130☆52Sep 13, 2025Updated 5 months ago
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆50May 5, 2025Updated 9 months ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆18Jun 29, 2024Updated last year
- A fucking real shellcode loader with a GUI. Work-in-Progress.☆82Jun 25, 2025Updated 8 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆166Jul 30, 2025Updated 6 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆281Sep 18, 2024Updated last year
- Validates priv escalation of AD trusts☆48Apr 1, 2025Updated 10 months ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆121Jul 11, 2025Updated 7 months ago
- A Crystal Palace shared library to resolve & perform syscalls☆56Oct 29, 2025Updated 3 months ago
- ForsHops☆59Mar 25, 2025Updated 11 months ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆16Jul 27, 2024Updated last year
- Exploiting the KsecDD Windows driver through Server Silos☆76Nov 11, 2024Updated last year
- ☆38Oct 16, 2025Updated 4 months ago
- bof-launcher - a library for loading, executing and in-memory masking BOFs on Windows (x64, x86) and Linux (x64, x86, aarch64, arm). Read…☆298Updated this week
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆91Aug 21, 2025Updated 6 months ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Escape macOS Sandbox using sharedfilelistd exploit☆63Jun 28, 2025Updated 7 months ago
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆250Jun 11, 2024Updated last year
- MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.☆125Dec 6, 2024Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆368Apr 19, 2023Updated 2 years ago
- demo unhooking functions in ntdll☆28Jul 15, 2025Updated 7 months ago
- ☆21Jan 15, 2025Updated last year
- Title is self explaining, well theres few methods we can do to read locked file and play with it...☆96Jan 5, 2026Updated last month