A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously
☆32Feb 3, 2023Updated 3 years ago
Alternatives and similar repositories for VSTO-POC
Users that are interested in VSTO-POC are comparing it to the libraries listed below
Sorting:
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆43Mar 25, 2025Updated 11 months ago
- Abusing Remote Windows SMB Shares for Fun and Pen Testing☆15May 23, 2023Updated 2 years ago
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆14Jul 9, 2023Updated 2 years ago
- ProcExp Driver (Ab)use☆22Dec 28, 2022Updated 3 years ago
- ☆48Feb 11, 2023Updated 3 years ago
- ☆11Jan 8, 2022Updated 4 years ago
- Contexter - A secondary context path traversal / server-side parameter pollution testing tool written in Python 3☆27Aug 18, 2024Updated last year
- Clone running process with ZwCreateProcess☆59Nov 8, 2020Updated 5 years ago
- DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64)☆28Mar 11, 2020Updated 6 years ago
- ☆52Feb 8, 2024Updated 2 years ago
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆203Aug 2, 2023Updated 2 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- ☆60Dec 15, 2023Updated 2 years ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆309Dec 9, 2023Updated 2 years ago
- ☆12Feb 4, 2025Updated last year
- ☆10Jan 17, 2022Updated 4 years ago
- Go library to allow native inline hooking in windows at runtime☆14Feb 7, 2024Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data.☆31May 23, 2025Updated 9 months ago
- NTFS parsing library in C#. Allows one to parse and read NTFS structures on disk.☆32Jul 16, 2021Updated 4 years ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 6 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- ☆26Dec 29, 2021Updated 4 years ago
- Shaco is a linux agent for havoc☆170Oct 25, 2023Updated 2 years ago
- ☆22Jun 21, 2022Updated 3 years ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆505Dec 19, 2023Updated 2 years ago
- C# port of LogServiceCrash☆46Oct 7, 2020Updated 5 years ago
- Simple Aggressor Scripts for Cobalt Strike☆13Sep 24, 2020Updated 5 years ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆32May 30, 2024Updated last year
- Mentally ill EtwTi parser☆69Jan 11, 2026Updated 2 months ago
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆101Mar 27, 2022Updated 3 years ago
- ☆22May 29, 2020Updated 5 years ago
- Dump the memory of any PPL with a Userland exploit chain☆352Mar 17, 2023Updated 3 years ago
- Offensive V Programming☆18Nov 3, 2021Updated 4 years ago
- ☆53Sep 23, 2025Updated 5 months ago
- Tool for pivoting over SMB pipes☆16Jul 20, 2019Updated 6 years ago