dfirfpi / dpapilabLinks
Windows DPAPI laboratory
☆93Updated 7 years ago
Alternatives and similar repositories for dpapilab
Users that are interested in dpapilab are comparing it to the libraries listed below
Sorting:
- A repository of some of my Windows 10 Device Guard Bypasses☆138Updated 8 years ago
- DPAPI offline decryption utility☆70Updated 2 years ago
- A one-click tool to inject jobs into the BITS queue (Background Intelligent Transfer Service), allowing arbitrary program execution as th…☆100Updated 6 years ago
- PoC dlls for Task Scheduler COM Hijacking☆94Updated 9 years ago
- This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.☆79Updated 2 years ago
- ☆80Updated 9 years ago
- Advanced Portable Executable File Analyzer And Disassembler 32 & 64 Bit☆100Updated 6 years ago
- VBS Reversed TCP Meterpreter Stager☆89Updated 8 years ago
- Shim database persistence (Fin7 TTP)☆37Updated 5 years ago
- import pyd or execute PE all from memory using only pure python code and some shellcode tricks☆74Updated 8 years ago
- A collection of tools to enumerate and analyse Windows DACLs☆109Updated 10 years ago
- POSHSPY backdoor code☆44Updated 8 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Updated 8 years ago
- Breaking the security of Microsoft's RMS☆55Updated 6 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆151Updated 6 years ago
- A Generic Windows Memory Scraping Tool☆71Updated 8 years ago
- ☆64Updated 9 years ago
- Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.☆131Updated 11 years ago
- windows-operating-system-archaeology @Enigma0x3 @subTee☆47Updated 8 years ago
- Loads the AutoIt DLL and PowerShell assemblies into memory and executes the specified keystrokes☆62Updated 8 years ago
- A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.☆92Updated 10 years ago
- A sample bot for Cobalt Strike 3☆22Updated 9 years ago
- Set of my small utils related to cryptography, encoding, decoding etc☆88Updated last year
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆108Updated 4 years ago
- A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.☆99Updated 7 years ago
- Windows link file (shortcuts) examiner☆68Updated last year
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆87Updated 7 years ago
- Pazuzu: Reflective DLL to run binaries from memory☆216Updated 5 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆169Updated 8 years ago
- Smart DLL execution for malware analysis in sandbox systems☆144Updated 10 years ago