gh0x0st / wandererLinks
An open-source process injection enumeration tool written in C#
☆171Updated 2 years ago
Alternatives and similar repositories for wanderer
Users that are interested in wanderer are comparing it to the libraries listed below
Sorting:
- ☆221Updated last year
- ☆165Updated 2 years ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆177Updated 2 years ago
- Patching AmsiOpenSession by forcing an error branching☆145Updated last year
- OPSEC safe Kerberoasting in C#☆192Updated 2 years ago
- Patch AMSI and ETW☆239Updated last year
- PoC to coerce authentication from Windows hosts using MS-WSP☆239Updated last year
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆256Updated 2 years ago
- Hookers are cooler than patches.☆169Updated 3 years ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆181Updated last year
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆142Updated last year
- Different methods to get current username without using whoami☆176Updated last year
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆257Updated 2 years ago
- Run Your Payload Without Running Your Payload☆182Updated 2 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆114Updated 2 years ago
- ☆204Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆170Updated 2 weeks ago
- ☆117Updated 2 months ago
- ☆277Updated last year
- Attempt at Obfuscated version of SharpCollection☆216Updated last week
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆147Updated last year
- ☆123Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆200Updated 11 months ago
- Lateral Movement Using DCOM and DLL Hijacking☆291Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆200Updated 7 months ago
- A collection of Cobalt Strike Aggressor scripts.☆96Updated 3 years ago
- Github as C2 Demonstration , free API = free C2 Infrastructure☆140Updated last year
- Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…☆231Updated last year
- ☆299Updated 7 months ago
- Find .net assemblies locally☆113Updated 2 years ago