cyberark / DLLSpy
DLL Hijacking Detection Tool
☆502Updated 5 years ago
Alternatives and similar repositories for DLLSpy:
Users that are interested in DLLSpy are comparing it to the libraries listed below
- Tool to bypass LSA Protection (aka Protected Process Light)☆918Updated 2 years ago
- Just another Windows Process Injection☆390Updated 4 years ago
- Dump the memory of a PPL with a userland exploit☆862Updated 2 years ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,131Updated 3 years ago
- Evasive shellcode loader for bypassing event-based injection detection (PoC)☆748Updated 3 years ago
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆553Updated 3 years ago
- Adaptive DLL hijacking / dynamic export forwarding☆742Updated 4 years ago
- SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature…☆1,118Updated last year
- LSASS memory dumper using direct system calls and API unhooking.☆1,508Updated 4 years ago
- Tool to create hidden registry keys.☆476Updated 5 years ago
- A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from …☆920Updated 3 years ago
- Process Injection☆755Updated 3 years ago
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…☆643Updated 11 months ago
- Project for identifying executables and DLLs vulnerable to relative path DLL hijacking.☆455Updated 9 months ago
- DLL and PowerShell script to assist with finding DLL hijacks☆334Updated 4 years ago
- This is a standalone exploit for a vulnerable feature in Capcom.sys☆293Updated 2 years ago
- Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading☆763Updated 4 years ago
- A way to delete a locked file, or current running executable, on disk.☆511Updated 6 months ago
- .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers☆792Updated 2 years ago
- Windows - Weaponizing privileged file writes with the Update Session Orchestrator service☆384Updated 4 years ago
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆329Updated 3 years ago
- ☆480Updated 7 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆1,280Updated last year
- Custom Metasploit post module to executing a .NET Assembly from Meterpreter session☆344Updated 4 years ago
- eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)☆464Updated last year
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…☆1,121Updated last year
- Universal Unhooking☆318Updated 6 years ago
- AV/EDR evasion via direct system calls.☆1,590Updated 2 years ago
- Windows 8.1 and 10 UAC bypass abusing WinSxS in "dccw.exe".☆388Updated 4 years ago
- ☆465Updated last year