daddycocoaman / volplugins
Repository of Volatility3 plugins
☆21 Updated 2 years ago
Alternatives and similar repositories for volplugins:
Users that are interested in volplugins are comparing it to the libraries listed below
- Python tool to find vulnerable AD object and generating csv report ☆14 Updated 2 years ago
- ☆45 Updated last year
- a tiny program to consume from ETW providers for research ☆46 Updated 2 months ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks). ☆55 Updated 2 years ago
- ☆72 Updated 2 years ago
- Python tool to find vulnerable AD object and generating csv report ☆26 Updated 2 years ago
- Slide decks and/or materials from conference presentations ☆56 Updated 2 years ago
- A VSCode devcontainer for development of COFF files with batteries included. ☆47 Updated last year
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal… ☆51 Updated last year
- A PoC for achieving persistence via push notifications on Windows ☆46 Updated last year
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers ☆62 Updated 2 years ago
- ☆37 Updated 2 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged ☆86 Updated 2 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies ☆32 Updated 2 years ago
- Modified-Thycotic-Secret-Stealer for use with DPAPI and offline Decryption ☆19 Updated 2 years ago
- Windows Persistence Toolkit in C# ☆36 Updated 2 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log ☆30 Updated 2 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level ☆25 Updated 2 years ago
- Validates priv escalation of AD trusts ☆35 Updated 3 months ago
- ☆41 Updated 8 months ago
- Simple and sane cryptographic wrapper library. ☆27 Updated last year
- Lifetime AMSI bypass. ☆35 Updated 9 months ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later ☆91 Updated last year
- Python module for running BOFs ☆69 Updated last year
- Items related to the RedELK workshop given at security conferences ☆28 Updated last year
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS ☆37 Updated 3 years ago
- Docker container for running CobaltStrike 4.10 ☆36 Updated 6 months ago
- Collection of Rust repos useful for Red Teamers. ☆32 Updated 2 years ago
- A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system ☆37 Updated 5 months ago
- ☆88 Updated 2 years ago