d3lb3 / KeeFarceReborn
A standalone DLL that exports databases in cleartext once injected in the KeePass process.
☆289Updated last year
Related projects: ⓘ
- ☆327Updated last week
- Recovering NTLM hashes from Credential Guard☆326Updated last year
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆509Updated last year
- ☆373Updated last year
- ☆260Updated last year
- ☆216Updated 11 months ago
- Spoofing desktop login applications with WinForms and WPF☆169Updated 7 months ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆312Updated 2 months ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆441Updated last year
- An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).☆389Updated 7 months ago
- ☆290Updated last year
- Stop Defender Service using C# via Token Impersonation☆171Updated 2 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆367Updated last month
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆316Updated 2 months ago
- ☆159Updated last year
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆452Updated 9 months ago
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk☆418Updated 2 months ago
- ☆341Updated 3 years ago
- A windows token impersonation tool☆276Updated last year
- Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…☆214Updated last year
- DPAPI looting remotely and locally in Python☆406Updated last month
- DNS Tunneling using powershell to download and execute a payload. Works in CLM.☆213Updated 2 years ago
- OPSEC safe Kerberoasting in C#☆187Updated 2 years ago
- Collection of remote authentication triggers in C#☆449Updated 4 months ago
- A new AMSI Bypass technique using .NET ALI Call Hooking.☆179Updated last year
- Fully modular persistence framework☆249Updated last year
- A User Impersonation tool - via Token or Shellcode injection☆397Updated 2 years ago
- .NET executable to use when dealing with privilege escalation on Windows to gain local administrator access☆150Updated last year
- An open-source process injection enumeration tool written in C#☆165Updated last year
- ☆290Updated last year