diversenok / TokenUniverse
An advanced tool for working with access tokens and Windows security policy.
☆571 · Updated 3 months ago
Related projects
Alternatives and complementary repositories for TokenUniverse
- A DLL loader with advanced evasive features · ☆652 · Updated last year
- Loads any C# binary in mem, patching AMSI + ETW. · ☆800 · Updated 3 years ago
- Project for tracking publicly disclosed DLL Hijacking opportunities. · ☆662 · Updated this week
- Execute unmanaged Windows executables in CobaltStrike Beacons · ☆635 · Updated last year
- A tool that shows detailed information about named pipes in Windows · ☆565 · Updated 3 months ago
- ☆562 · Updated this week
- Important notes and topics on my journey towards mastering Windows Internals · ☆339 · Updated 6 months ago
- A .NET tool for exporting and importing certificates without touching disk. · ☆477 · Updated 3 years ago
- Kernel mode WinDbg extension and PoCs for token privilege investigation. · ☆810 · Updated last week
- PoCs and tools for investigation of Windows process execution techniques · ☆881 · Updated last week
- ☆728 · Updated last year
- LoadLibrary for offensive operations · ☆1,087 · Updated 3 years ago
- ☆467 · Updated 10 months ago
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs · ☆684 · Updated 7 months ago
- Nidhogg is an all-in-one simple to use windows kernel rootkit. · ☆1,780 · Updated last month
- Living Off The Land Drivers · ☆1,030 · Updated last month
- RPC Monitor tool based on Event Tracing for Windows · ☆329 · Updated 2 months ago
- OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team… · ☆791 · Updated last year
- Spartacus DLL/COM Hijacking Toolkit · ☆991 · Updated 9 months ago
- ☆481 · Updated 2 months ago
- Tools and PoCs for Windows syscall investigation. · ☆354 · Updated 6 months ago
- .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py · ☆582 · Updated last year
- ☆377 · Updated last year
- KaynLdr is a Reflective Loader written in C/ASM · ☆519 · Updated 11 months ago
- ☆1,522 · Updated 2 months ago
- ☆460 · Updated 2 years ago
- A Highly capable Pe Packer · ☆683 · Updated 2 years ago
- A C# Command & Control framework · ☆948 · Updated 7 months ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht… · ☆621 · Updated last year
- Great explanation of Process Hollowing (a Technique often used in Malware) · ☆1,253 · Updated last year