dfirfpi / dpapilabLinks
Windows DPAPI laboratory
☆91Updated 7 years ago
Alternatives and similar repositories for dpapilab
Users that are interested in dpapilab are comparing it to the libraries listed below
Sorting:
- DPAPI offline decryption utility☆69Updated 2 years ago
- A repository of some of my Windows 10 Device Guard Bypasses☆137Updated 7 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆108Updated 4 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆151Updated 6 years ago
- ☆63Updated 9 years ago
- A collection of tools to enumerate and analyse Windows DACLs☆108Updated 9 years ago
- ☆52Updated 6 years ago
- This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.☆77Updated 2 years ago
- PoC dlls for Task Scheduler COM Hijacking☆94Updated 8 years ago
- InsecurePowerShell is PowerShell with some security features removed.☆104Updated 7 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Updated 8 years ago
- Loads the AutoIt DLL and PowerShell assemblies into memory and executes the specified keystrokes☆61Updated 7 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆86Updated 7 years ago
- A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.☆91Updated 10 years ago
- A Generic Windows Memory Scraping Tool☆71Updated 8 years ago
- POSHSPY backdoor code☆43Updated 8 years ago
- ☆79Updated 9 years ago
- ☆83Updated 9 years ago
- VBS Reversed TCP Meterpreter Stager☆87Updated 8 years ago
- A one-click tool to inject jobs into the BITS queue (Background Intelligent Transfer Service), allowing arbitrary program execution as th…☆99Updated 5 years ago
- A set of demos and a PowerShell module to interact with DotNetInterop.☆68Updated 7 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…☆104Updated 7 years ago
- CACTUSTORCH: Payload Generation for Adversary Simulations☆76Updated 6 years ago
- Elevation by environment variable expansion☆65Updated 8 years ago
- windows-operating-system-archaeology @Enigma0x3 @subTee☆45Updated 8 years ago
- ☆216Updated 7 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆167Updated 7 years ago
- A reference Device Guard code integrity policy consisting of FilePublisher deny rules for published Device Guard configuration bypasses☆115Updated 8 years ago
- All the Power with no Shell☆36Updated 3 years ago
- A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext☆50Updated 7 years ago