dtrizna / DInvoke_PoC
Hardened Proof of Concept of D/Invoke Process Injection malware
☆40Updated 4 years ago
Related projects: ⓘ
- ☆24Updated 3 years ago
- MiniDumpWriteDump behavior modification hook☆49Updated 3 years ago
- C# port of the Get-AppLockerPolicy PS cmdlet☆97Updated last year
- D/Invoke port of UrbanBishop☆29Updated 3 years ago
- ☆51Updated 3 years ago
- C++ implant that interfaces with a SK8PARK server☆47Updated 3 years ago
- Load C# Code straight to memory☆54Updated 4 years ago
- A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.☆47Updated 3 years ago
- aggressor and pycobalt scripts.☆18Updated 3 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆100Updated 2 years ago
- ☆53Updated 2 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆68Updated 3 years ago
- Extended Process List (Search functionality)☆27Updated 3 years ago
- ☆90Updated 2 years ago
- RDPThief donut shellcode inject into mstsc☆74Updated 3 years ago
- Aggressor Script to Execute Assemblies from Github☆66Updated 3 years ago
- Suite of Shellcode Running Utilities☆105Updated 4 years ago
- Code samples of .NET shellcode injections, weaponized for use via WebDav and mshta.exe.☆39Updated 4 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Updated 3 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆50Updated 4 years ago
- AMSI Bypass Via the Heap☆105Updated 3 years ago
- An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/ma…☆22Updated 4 years ago
- Initial Commit of Coresploit☆55Updated 2 years ago
- ☆65Updated 3 years ago
- IOXIDResolver from AirBus Security/PingCastle☆45Updated 3 years ago
- A BOF port of the research of @thefLinkk and @codewhitesec☆94Updated 2 years ago
- SharpSvc is a simple code set to interact with the SC Manager API and is compatible with Cobalt Strike.☆25Updated last year
- PoC to interact with local/remote registry hives through WMI☆81Updated 4 years ago
- A little scanner to check the LDAP Signing state☆46Updated 3 years ago
- Collection of Beacon Object Files (BOFs) for shells and lols☆111Updated 3 years ago