edparcell / HelloWorldXll
A simple XLL, showing how to create an XLL from scratch.
☆42Updated 8 years ago
Related projects: ⓘ
- Runs programs as TrustedInstaller☆43Updated 5 years ago
- Inject Encrypted Commands Into EMF Shapes for C2 In VBA / Office Malware☆38Updated 4 years ago
- Running .NET from VBA☆129Updated last year
- code for the Proxy DLL example blog post☆57Updated 2 years ago
- Simple packer for arbitrary data using only .NET API calls. Produces a unique signature with every usage. Standalone program and library.…☆90Updated 5 years ago
- Execute .Net assemblies using Rundll32.exe☆110Updated 3 years ago
- ☆19Updated 3 years ago
- Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET☆62Updated 4 years ago
- Managed code hooking template.☆127Updated 2 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆39Updated 5 years ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆43Updated 2 years ago
- VBA Macro obfuscator☆13Updated 4 years ago
- Simple Process Hollowing in C#☆66Updated 6 years ago
- TCP reverse shell written in C# with the option to choose between Windows command prompt or MS powershell.☆26Updated 5 years ago
- ☆35Updated last year
- VBA Obfuscator which I used for obfuscating vba codes to embed into Microsoft Word document while I'm doing some signature bypass testing…☆32Updated 4 years ago
- ReaCOM has got a lot of tools to use and is related to component object model☆73Updated 4 years ago
- x64 Registration-Free In-Process COM Automation Server.☆46Updated last year
- C2Bridges allow developers to create new custom communication protocols and quickly utilize them within Covenant.☆67Updated 3 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Updated 3 years ago
- Code Exec via Excel☆83Updated 7 years ago
- A C port of b33f's UrbanBishop☆35Updated 3 years ago
- ☆33Updated 6 years ago
- This is a simple tool to dump all the reparse points on an NTFS volume.☆32Updated 4 years ago
- External C2 Using IE COM Objects☆96Updated 5 years ago
- A simple POC to demonstrate the power of .NET debugging for injection☆71Updated 4 years ago
- Resolve syscall numbers at runtime for all Windows versions.☆59Updated 3 years ago
- ☆50Updated this week
- MSBuild Without MSBuild.exe☆155Updated 3 years ago
- An example of how to spawn a process with a spoofed parent PID (Visual C++)☆27Updated 5 years ago