Tool for playing with Windows Access Token manipulation.
☆82Nov 28, 2022Updated 3 years ago
Alternatives and similar repositories for Godmode
Users that are interested in Godmode are comparing it to the libraries listed below
Sorting:
- Sleep Obfuscation☆45Oct 13, 2022Updated 3 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆136Dec 20, 2022Updated 3 years ago
- Beacon Object File Loader☆293Dec 3, 2023Updated 2 years ago
- A windows token impersonation tool☆319Apr 19, 2023Updated 2 years ago
- Patch AMSI and ETW☆249May 8, 2024Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- Lateral Movement Using DCOM and DLL Hijacking☆325Jun 18, 2023Updated 2 years ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆125Feb 13, 2023Updated 3 years ago
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- ☆61Feb 10, 2022Updated 4 years ago
- ☆164Dec 30, 2022Updated 3 years ago
- Identify common attack paths to get Domain Administrator☆21Aug 20, 2019Updated 6 years ago
- A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM☆20Jul 19, 2025Updated 7 months ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Jun 12, 2022Updated 3 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆326Jan 31, 2023Updated 3 years ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆87Apr 11, 2023Updated 2 years ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆330Jul 15, 2024Updated last year
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated last year
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- ☆101Oct 7, 2023Updated 2 years ago
- Nim Library for Offensive Security Development☆197Sep 4, 2023Updated 2 years ago
- Call stack spoofing for Rust☆356Feb 7, 2025Updated last year
- A small NtCreateUserProcess PoC that spawns a Command prompt.☆102Aug 25, 2022Updated 3 years ago
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆111Apr 14, 2023Updated 2 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- Modified version of PEAS client for offensive operations☆42Jan 16, 2023Updated 3 years ago
- Enumerate the Domain for Readable and Writable Shares☆23Nov 14, 2025Updated 3 months ago
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- An In-memory Embedding of CPython☆31May 24, 2021Updated 4 years ago
- Replace the .txt section of the current loaded modules from \KnownDlls\☆305Sep 28, 2022Updated 3 years ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆130Jan 14, 2023Updated 3 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆160Mar 1, 2024Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- I have documented all of the AMSI patches that I learned till now☆74Nov 4, 2025Updated 3 months ago
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute☆25Jun 5, 2024Updated last year
- Rust template/library for implementing your own COFF loader☆72Jan 27, 2025Updated last year
- My implementation of the GIUDA project in C++☆189Jul 25, 2023Updated 2 years ago