duhirsch / sigspoox
Spoofing signatures in Office Open XML Documents (Word, Excel, Powerpoint)
☆25Updated last year
Related projects: ⓘ
- Load a dynamic library from memory using a fuse mount☆27Updated last year
- DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64)☆26Updated 4 years ago
- Finds imports that could be exploited, still requires manual analysis.☆26Updated last year
- all credits go to @mgeeky☆58Updated 2 years ago
- A work in progress BOF/COFF loader in Rust☆38Updated last year
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆32Updated 3 years ago
- A library to parse, modify, and implement Malleable C2 profiles☆21Updated 5 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆51Updated 2 years ago
- Asynchronous NFSv3 client in pure Python☆22Updated 3 months ago
- Cobalt Strike Get clipboard plugin☆12Updated last year
- ☆25Updated this week
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆27Updated 3 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Updated 3 years ago
- Covenant is a collaborative .NET C2 framework for red teamers.☆22Updated 3 years ago
- Unpacker for donut shellcode☆10Updated 4 years ago
- ☆53Updated this week
- Disable PPL via custom driver and dump lsass☆13Updated 3 years ago
- ☆63Updated this week
- A little implant which SSH's back with a shell☆36Updated 2 years ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆27Updated 2 years ago
- Playing with PE's and Building Structures by Hand☆22Updated 2 years ago
- ☆31Updated this week
- C code to enable ETW tracing for Dotnet Assemblies☆28Updated 2 years ago
- ☆25Updated this week
- ☆41Updated last year
- A simple Linux in-memory .so loader☆25Updated last year
- LoadLibrary for offensive operations☆32Updated 2 years ago
- ☆16Updated this week
- Ntdll Unhooking POC☆19Updated 2 years ago