gh0x0st / wanderer
An open-source process injection enumeration tool written in C#
☆167Updated last year
Related projects ⓘ
Alternatives and complementary repositories for wanderer
- ☆160Updated 2 years ago
- ☆217Updated last year
- Patch AMSI and ETW☆232Updated 6 months ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆250Updated last year
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆135Updated 6 months ago
- Patching AmsiOpenSession by forcing an error branching☆144Updated last year
- Attempt at Obfuscated version of SharpCollection☆189Updated last week
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆166Updated last year
- A collection of code snippets built to assist with breaking chains.☆115Updated 6 months ago
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆258Updated 2 years ago
- ☆267Updated last year
- A new AMSI Bypass technique using .NET ALI Call Hooking.☆181Updated 2 years ago
- Run Your Payload Without Running Your Payload☆177Updated 2 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆97Updated last year
- ☆112Updated last year
- .NET/PowerShell/VBA Offensive Security Obfuscator☆90Updated 6 months ago
- Generate Shellcode Loaders & Injects☆152Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆281Updated last year
- Weaponized HellsGate/SigFlip☆194Updated last year
- ☆181Updated 7 months ago
- ☆295Updated last year
- Extracting NetNTLM without touching lsass.exe☆224Updated 11 months ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆170Updated 8 months ago
- Kill AV/EDR leveraging BYOVD attack☆309Updated last year
- Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…☆216Updated last year
- C# AV/EDR Killer using less-known driver (BYOVD)☆157Updated last year
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆171Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆190Updated 5 months ago