edparcell / HelloWorldXll

Related projects: ⓘ

• lilkui / runasti
  Runs programs as TrustedInstaller
  ☆43Updated 5 years ago
• glinares / VBA-Stendhal
  Inject Encrypted Commands Into EMF Shapes for C2 In VBA / Office Malware
  ☆38Updated 4 years ago
• med0x2e / vba2clr
  Running .NET from VBA
  ☆129Updated last year
• Cobalt-Strike / ProxyDLLExample
  code for the Proxy DLL example blog post
  ☆57Updated 2 years ago
• TheWover / EasyNet
  Simple packer for arbitrary data using only .NET API calls. Produces a unique signature with every usage. Standalone program and library.…
  ☆90Updated 5 years ago
• p3nt4 / RunDLL.Net
  Execute .Net assemblies using Rundll32.exe
  ☆110Updated 3 years ago
• rmdavy / VBAFunctionPointers
  ☆19Updated 3 years ago
• TheWover / Manager
  Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET
  ☆62Updated 4 years ago
• FuzzySecurity / Dendrobate
  Managed code hooking template.
  ☆127Updated 2 years ago
• TheWover / ModuleMonitor
  Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…
  ☆39Updated 5 years ago
• eladshamir / BadWindowsService
  An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities
  ☆43Updated 2 years ago
• oriolOrnaque / VBAObfuscator
  VBA Macro obfuscator
  ☆13Updated 4 years ago
• ambray / ProcessHollowing
  Simple Process Hollowing in C#
  ☆66Updated 6 years ago
• ihack4falafel / ReverseShell
  TCP reverse shell written in C# with the option to choose between Windows command prompt or MS powershell.
  ☆26Updated 5 years ago
• CCob / ProvisionAppx
  ☆35Updated last year
• ch4meleon / vba_obfuscator
  VBA Obfuscator which I used for obfuscating vba codes to embed into Microsoft Word document while I'm doing some signature bypass testing…
  ☆32Updated 4 years ago
• homjxi0e / ReaCOM
  ReaCOM has got a lot of tools to use and is related to component object model
  ☆73Updated 4 years ago
• ctxis / DynamicWrapperEx
  x64 Registration-Free In-Process COM Automation Server.
  ☆46Updated last year
• cobbr / C2Bridge
  C2Bridges allow developers to create new custom communication protocols and quickly utilize them within Covenant.
  ☆67Updated 3 years ago
• mobdk / Upsilon
  Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used
  ☆92Updated 3 years ago
• moohax / xllpoc
  Code Exec via Excel
  ☆83Updated 7 years ago
• SolomonSklash / SeasideBishop
  A C port of b33f's UrbanBishop
  ☆35Updated 3 years ago
• ThunderGunExpress / OutlookToolbox_v2
  ☆33Updated 6 years ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆32Updated 4 years ago
• mdsecactivebreach / Browser-ExternalC2
  External C2 Using IE COM Objects
  ☆96Updated 5 years ago
• xpn / DotNetDebug
  A simple POC to demonstrate the power of .NET debugging for injection
  ☆71Updated 4 years ago
• jackullrich / universal-syscall-64
  Resolve syscall numbers at runtime for all Windows versions.
  ☆59Updated 3 years ago
• NUL0x4C / W0wS3cur1tyEDR
  ☆50Updated this week
• rvrsh3ll / MSBuildAPICaller
  MSBuild Without MSBuild.exe
  ☆155Updated 3 years ago
• ewilded / PPID_spoof
  An example of how to spawn a process with a spoofed parent PID (Visual C++)
  ☆27Updated 5 years ago