fabianosrc / TermsrvPatcherView external linksLinks
Patch termsrv.dll so that multiple remote users can open an RDP session on a non-Windows Server computer
☆409Feb 2, 2026Updated 2 weeks ago
Alternatives and similar repositories for TermsrvPatcher
Users that are interested in TermsrvPatcher are comparing it to the libraries listed below
Sorting:
- ☆37Jan 7, 2025Updated last year
- PoC to self-delete a binary in C#☆35Feb 6, 2024Updated 2 years ago
- A basic C2 framework written in C☆59Jul 7, 2024Updated last year
- An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…☆63Mar 1, 2025Updated 11 months ago
- ☆50Jul 9, 2025Updated 7 months ago
- An In-memory Embedding of CPython☆31May 24, 2021Updated 4 years ago
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 6 months ago
- Library of BOFs to interact with SQL servers☆222Dec 3, 2025Updated 2 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆266Apr 8, 2025Updated 10 months ago
- Remotely Enumerate sessions using undocumented Windows Station APIs☆118Aug 21, 2024Updated last year
- e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!☆27Aug 19, 2024Updated last year
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆78Aug 25, 2025Updated 5 months ago
- 在线安软识别☆12Aug 6, 2025Updated 6 months ago
- ☆20Sep 6, 2025Updated 5 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆381Dec 13, 2024Updated last year
- find dll base addresses without PEB WALK☆157Jul 13, 2025Updated 7 months ago
- ☆137Feb 11, 2025Updated last year
- Mythic C2 Agent written in x64 PIC C☆84Jan 29, 2025Updated last year
- A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications.…☆115Oct 20, 2024Updated last year
- Repository to gather the .NET malware I will be developing☆18Mar 23, 2025Updated 10 months ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆28Apr 12, 2020Updated 5 years ago
- Hunting and injecting RWX 'mockingjay' DLLs in pure nim☆59Dec 11, 2024Updated last year
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆332Mar 6, 2025Updated 11 months ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated 11 months ago
- BypassCredGuard CS BOF☆49Jan 23, 2025Updated last year
- Enumerate Domain Users Without Authentication☆281Apr 22, 2025Updated 9 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- A PowerShell console in C/C++ with all the security features disabled☆342Oct 14, 2025Updated 4 months ago
- SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate t…☆55Jul 13, 2025Updated 7 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆104Feb 25, 2025Updated 11 months ago
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆188Dec 23, 2025Updated last month
- A tool to assist DLL hijacking via the Havoc GUI☆12Jan 9, 2024Updated 2 years ago
- A set of programs for analyzing common vulnerabilities in COM☆246Sep 8, 2024Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆366Apr 19, 2023Updated 2 years ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆135Apr 18, 2025Updated 9 months ago
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆325Oct 20, 2025Updated 3 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆191Apr 26, 2025Updated 9 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆273Apr 17, 2023Updated 2 years ago