An open-source process injection enumeration tool written in C#
☆174Dec 16, 2022Updated 3 years ago
Alternatives and similar repositories for wanderer
Users that are interested in wanderer are comparing it to the libraries listed below
Sorting:
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- a tool to help operate in EDRs' blind spots☆766Dec 2, 2024Updated last year
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆261Jun 29, 2024Updated last year
- ☆83Nov 1, 2023Updated 2 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆57Oct 10, 2022Updated 3 years ago
- A C# port of the MinHook API hooking library☆55Oct 5, 2022Updated 3 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated last year
- Python module for running BOFs☆80Nov 28, 2025Updated 3 months ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Dec 16, 2023Updated 2 years ago
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting☆362Dec 19, 2022Updated 3 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆429Jul 22, 2022Updated 3 years ago
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆500Jan 23, 2023Updated 3 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.☆501Jan 10, 2023Updated 3 years ago
- Threadless Process Injection using remote function hooking.☆810Sep 4, 2024Updated last year
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆675Dec 23, 2022Updated 3 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆411Jan 11, 2026Updated last month
- A string obfuscator for .NET apps, built to evade static string analysis.☆109Jan 3, 2023Updated 3 years ago
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.☆497Nov 29, 2022Updated 3 years ago
- Fully modular persistence framework☆259Apr 10, 2023Updated 2 years ago
- Serverless Redirector in various cloud vendor for red team☆73Dec 8, 2022Updated 3 years ago
- ☆60Jan 9, 2023Updated 3 years ago
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Jan 6, 2023Updated 3 years ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆84Nov 21, 2022Updated 3 years ago
- WNF Code Execution Library Using C#☆110May 18, 2020Updated 5 years ago
- Simple BOF to read the protection level of a process☆118May 10, 2023Updated 2 years ago
- Native Syscalls Shellcode Injector☆267Jul 2, 2023Updated 2 years ago
- ☆20Mar 21, 2024Updated last year
- Easy red team phishing with Puppeteer☆132Feb 6, 2023Updated 3 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆99Oct 13, 2022Updated 3 years ago
- .NET/PowerShell/VBA Offensive Security Obfuscator☆517Feb 1, 2024Updated 2 years ago
- DLL sideloading/proxying with Nim!☆173Dec 4, 2022Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆94Mar 8, 2023Updated 2 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆24Sep 19, 2022Updated 3 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- ☆47Feb 11, 2023Updated 3 years ago
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆256Jul 7, 2022Updated 3 years ago
- pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory☆332Jun 22, 2024Updated last year