cyberark / DLLSpy
DLL Hijacking Detection Tool
☆486Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for DLLSpy
- A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from …☆873Updated 3 years ago
- Tool to bypass LSA Protection (aka Protected Process Light)☆898Updated last year
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆544Updated 3 years ago
- Dump the memory of a PPL with a userland exploit☆845Updated 2 years ago
- Project for identifying executables and DLLs vulnerable to relative path DLL hijacking.☆439Updated 5 months ago
- Evasive shellcode loader for bypassing event-based injection detection (PoC)☆715Updated 3 years ago
- SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature…☆1,081Updated last year
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,113Updated 3 years ago
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…☆631Updated 8 months ago
- Adaptive DLL hijacking / dynamic export forwarding☆724Updated 4 years ago
- Windows - Weaponizing privileged file writes with the Update Session Orchestrator service☆378Updated 4 years ago
- Just another Windows Process Injection☆389Updated 4 years ago
- Process Injection☆750Updated 3 years ago
- LSASS memory dumper using direct system calls and API unhooking.☆1,486Updated 3 years ago
- Windows 8.1 and 10 UAC bypass abusing WinSxS in "dccw.exe".☆384Updated 4 years ago
- .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers☆791Updated 2 years ago
- DLL and PowerShell script to assist with finding DLL hijacks☆329Updated 4 years ago
- This is a standalone exploit for a vulnerable feature in Capcom.sys☆283Updated 2 years ago
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆329Updated 3 years ago
- ☆473Updated 7 years ago
- Also known by Microsoft as Knifecoat☆1,113Updated last year
- Extracting Clear Text Passwords from mstsc.exe using API Hooking.☆1,223Updated 3 months ago
- Steal a primary token and spawn cmd.exe using the stolen token☆252Updated 3 years ago
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆789Updated 4 years ago
- ☆462Updated last year
- Command line interface to dump LSASS memory to disk via SilentProcessExit☆442Updated 3 years ago
- Tool to create hidden registry keys.☆465Updated 5 years ago
- eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)☆465Updated last year
- This program is designed to demonstrate various process injection techniques☆1,075Updated last year
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆1,256Updated 11 months ago