☆221Apr 2, 2018Updated 8 years ago
Alternatives and similar repositories for ClrGuard
Users that are interested in ClrGuard are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A set of demos and a PowerShell module to interact with DotNetInterop.☆69Apr 7, 2018Updated 8 years ago
- ☆52Sep 17, 2018Updated 7 years ago
- ☆841Jun 1, 2023Updated 3 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆42May 9, 2019Updated 7 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.☆103Nov 17, 2020Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A tool to create a JScript file which loads a .NET v2 assembly from memory.☆1,328Jan 18, 2021Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆193Mar 26, 2020Updated 6 years ago
- Historical Windows temporal memory-state research artifact for studying time-bound memory observations, validation limits, and defensive …☆906May 15, 2026Updated 3 weeks ago
- A PowerShell script to interact with the MITRE ATT&CK Framework via its own API☆371Feb 7, 2019Updated 7 years ago
- Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider☆205Dec 6, 2022Updated 3 years ago
- C# Implementation of the Hell's Gate VX Technique☆216Jun 30, 2020Updated 5 years ago
- ☆108Mar 21, 2017Updated 9 years ago
- ☆233Sep 10, 2017Updated 8 years ago
- View ETW Provider manifest☆605Nov 1, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ETW Python Library☆299Aug 11, 2023Updated 2 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated 2 years ago
- A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.☆101Jan 7, 2018Updated 8 years ago
- Automated, Collection, and Enrichment Platform☆326Nov 14, 2019Updated 6 years ago
- POC for IAT Parsing Payloads☆48Jan 1, 2017Updated 9 years ago
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode☆2,528Nov 15, 2023Updated 2 years ago
- Exploit primitives for PowerShell☆435Mar 25, 2018Updated 8 years ago
- Remote Recon and Collection☆461Nov 23, 2017Updated 8 years ago
- PowerShell Remote Download Cradle Generator & Obfuscator☆852Mar 23, 2018Updated 8 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …☆855Jun 25, 2024Updated last year
- CScriptShell, a Powershell Host running within cscript.exe☆163Apr 11, 2017Updated 9 years ago
- A tool to create COM class/interface relationships in neo4j☆50Oct 12, 2022Updated 3 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET☆150Feb 15, 2020Updated 6 years ago
- An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.☆532Jul 2, 2025Updated 11 months ago
- A repository of some of my Windows 10 Device Guard Bypasses☆139Aug 3, 2017Updated 8 years ago
- ☆23May 28, 2021Updated 5 years ago
- A simple program to hook the current process to identify the manual syscall executions on windows☆268Nov 18, 2022Updated 3 years ago
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)☆1,612Dec 10, 2018Updated 7 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- ☆118Aug 7, 2022Updated 3 years ago
- Windows (ShadowMove) Socket Duplication☆87Apr 19, 2020Updated 6 years ago
- A Bring Your Own Land Toolkit that Doubles as a WMI Provider☆289Oct 31, 2018Updated 7 years ago
- Ruxcon2016 POC Code☆141Nov 21, 2016Updated 9 years ago
- Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)☆764Jan 28, 2019Updated 7 years ago
- Adaptive DLL hijacking / dynamic export forwarding☆819Jul 6, 2020Updated 5 years ago
- Token Privilege Research☆884Sep 1, 2017Updated 8 years ago