dosxuz / DefenderStop
Stop Defender Service using C# via Token Impersonation
☆171Updated 2 years ago
Related projects: ⓘ
- PowerShell Constrained Language Mode Bypass☆221Updated 3 years ago
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆256Updated 2 years ago
- Collection of remote authentication triggers in C#☆449Updated 4 months ago
- A User Impersonation tool - via Token or Shellcode injection☆397Updated 2 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆412Updated 2 years ago
- ☆341Updated 3 years ago
- An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).☆389Updated 7 months ago
- A new AMSI Bypass technique using .NET ALI Call Hooking.☆179Updated last year
- Bypass AMSI by patching AmsiScanBuffer☆251Updated 3 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆441Updated last year
- ☆159Updated last year
- Shellcode launcher for AV bypass☆215Updated 8 months ago
- C# Lsass parser☆277Updated 2 years ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types☆360Updated last year
- Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory☆371Updated 5 months ago
- A collection of code snippets built to assist with breaking chains.☆114Updated 4 months ago
- ☆400Updated 9 months ago
- Run Powershell without software restrictions.☆278Updated 3 years ago
- Python tool to Check running WebClient services on multiple targets based on @leechristensen☆247Updated 3 years ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆293Updated 6 months ago
- ☆373Updated last year
- Recovering NTLM hashes from Credential Guard☆326Updated last year
- ☆345Updated 3 years ago
- COM Hijacking VOODOO☆253Updated 6 months ago
- This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…☆246Updated last year
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆384Updated 2 months ago
- MS-FSRVP coercion abuse PoC☆269Updated 2 years ago
- Persistence by writing/reading shellcode from Event Log☆363Updated 2 years ago
- Koppeling x Metatwin x LazySign☆200Updated 3 years ago
- Collection of some of my own tools with other great open source tools out there packaged into a powershell module☆140Updated 2 years ago