A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously
☆32Feb 3, 2023Updated 3 years ago
Alternatives and similar repositories for VSTO-POC
Users that are interested in VSTO-POC are comparing it to the libraries listed below
Sorting:
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- ☆60Dec 15, 2023Updated 2 years ago
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆43Mar 25, 2025Updated 11 months ago
- Clone running process with ZwCreateProcess☆59Nov 8, 2020Updated 5 years ago
- ☆22May 29, 2020Updated 5 years ago
- ☆12Feb 4, 2025Updated last year
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆202Aug 2, 2023Updated 2 years ago
- Small PoC of using a Microsoft signed executable as a lolbin.☆141Feb 27, 2023Updated 3 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- Contexter - A secondary context path traversal / server-side parameter pollution testing tool written in Python 3☆27Aug 18, 2024Updated last year
- Shaco is a linux agent for havoc☆170Oct 25, 2023Updated 2 years ago
- DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64)☆28Mar 11, 2020Updated 5 years ago
- ProcExp Driver (Ab)use☆22Dec 28, 2022Updated 3 years ago
- ☆47Feb 11, 2023Updated 3 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- ☆10Jan 17, 2022Updated 4 years ago
- ☆11Jan 8, 2022Updated 4 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆101Mar 27, 2022Updated 3 years ago
- ☆26Dec 29, 2021Updated 4 years ago
- NTFS parsing library in C#. Allows one to parse and read NTFS structures on disk.☆32Jul 16, 2021Updated 4 years ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆307Dec 9, 2023Updated 2 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated last year
- C# port of LogServiceCrash☆46Oct 7, 2020Updated 5 years ago
- ☆53Sep 23, 2025Updated 5 months ago
- ☆52Feb 8, 2024Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- Rust program for interfacing with the gigabyte driver to gain access to powerful primitives such as arbitrary kernel memcpy.☆17Nov 26, 2022Updated 3 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆117Sep 30, 2024Updated last year
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.☆30Jan 21, 2024Updated 2 years ago
- Dump the memory of any PPL with a Userland exploit chain☆350Mar 17, 2023Updated 2 years ago
- Identifies bad bytes from static analysis with any Anti-Virus scanner.☆128Jul 5, 2024Updated last year
- Simple python script for AD enumeration☆31Apr 5, 2021Updated 4 years ago
- ☆32Feb 13, 2026Updated 2 weeks ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 6 years ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- A tool to assist DLL hijacking via the Havoc GUI☆12Jan 9, 2024Updated 2 years ago
- Simple Aggressor Scripts for Cobalt Strike☆13Sep 24, 2020Updated 5 years ago
- ☆19Dec 18, 2024Updated last year