dfirfpi / dpapilabLinks
Windows DPAPI laboratory
☆93Updated 7 years ago
Alternatives and similar repositories for dpapilab
Users that are interested in dpapilab are comparing it to the libraries listed below
Sorting:
- A repository of some of my Windows 10 Device Guard Bypasses☆139Updated 8 years ago
- DPAPI offline decryption utility☆70Updated 2 years ago
- PoC dlls for Task Scheduler COM Hijacking☆94Updated 9 years ago
- ☆64Updated 9 years ago
- This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.☆79Updated 2 years ago
- POSHSPY backdoor code☆44Updated 8 years ago
- Breaking the security of Microsoft's RMS☆55Updated 6 years ago
- A one-click tool to inject jobs into the BITS queue (Background Intelligent Transfer Service), allowing arbitrary program execution as th…☆100Updated 6 years ago
- Advanced Portable Executable File Analyzer And Disassembler 32 & 64 Bit☆100Updated 6 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆108Updated 4 years ago
- windows-operating-system-archaeology @Enigma0x3 @subTee☆47Updated 8 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆87Updated 7 years ago
- A Generic Windows Memory Scraping Tool☆71Updated 8 years ago
- A collection of tools to enumerate and analyse Windows DACLs☆109Updated 10 years ago
- Loads the AutoIt DLL and PowerShell assemblies into memory and executes the specified keystrokes☆62Updated 8 years ago
- A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.☆99Updated 7 years ago
- ☆80Updated 9 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆151Updated 6 years ago
- A sample bot for Cobalt Strike 3☆22Updated 9 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆169Updated 8 years ago
- Reflective Polymorphism☆106Updated 7 years ago
- Tool for injecting a "TCP Relay" managed assembly into unmanaged processes☆117Updated 6 years ago
- UAC Bypass with mmc via alpc☆157Updated 6 years ago
- Shim database persistence (Fin7 TTP)☆37Updated 5 years ago
- DLL Password Filter Implant with Exfiltration Capabilities☆138Updated 5 years ago
- VBS Reversed TCP Meterpreter Stager☆89Updated 8 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Updated 8 years ago
- Powershell Persistence Locator☆66Updated 9 years ago
- Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.☆43Updated 6 years ago
- ☆52Updated 7 years ago