fortra / Reversing-and-Exploiting-with-Free-Tools-Series
Tips and tricks on reversing and exploiting Windows using free and easy to get tools.
☆23Updated last year
Alternatives and similar repositories for Reversing-and-Exploiting-with-Free-Tools-Series:
Users that are interested in Reversing-and-Exploiting-with-Free-Tools-Series are comparing it to the libraries listed below
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL☆20Updated 2 years ago
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.☆58Updated last year
- Cobalt Strike BOF for quser.exe implementation using Windows API☆83Updated last year
- Code Execution & Persistence in NETWORK SERVICE FAX Service☆32Updated 2 years ago
- .NET project for installing Persistence☆64Updated 2 years ago
- WhoAmI by asking the LDAP service on a domain controller.☆60Updated 2 years ago
- ☆25Updated 2 years ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆55Updated 2 years ago
- A PoC for achieving persistence via push notifications on Windows☆45Updated last year
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆88Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆78Updated 2 years ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆39Updated last year
- Dell Driver EoP (CVE-2021-21551)☆32Updated 2 years ago
- ☆46Updated last year
- Tool for playing with Windows Access Token manipulation.☆53Updated 2 years ago
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆52Updated 3 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆102Updated 3 years ago
- ☆93Updated 2 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆86Updated 2 years ago
- Modified version of Impacket to use dynamic NTLMv2 Challenge/Response☆18Updated 2 years ago
- subTee gists code backups☆37Updated 7 years ago
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago
- ☆89Updated 2 years ago
- ☆42Updated 6 months ago
- 🐾Dogwalk PoC (using diagcab file to obtain RCE on windows)☆80Updated 2 years ago
- Check for NotProxyShell CVE-2022-40140 & CVE-2022-41082☆25Updated 2 years ago
- JustGetDA, a cheat sheet which will aid you through internal network & red team engagements.☆12Updated last year
- ☆35Updated 2 years ago
- A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.☆17Updated 2 years ago