Proof-of-concept security demo illustrating how PowerShell can create trusted-looking Windows toast notifications chained together with ClickFix-style lure
☆16Apr 12, 2026Updated 3 months ago
Alternatives and similar repositories for toastfix-demo
Users that are interested in toastfix-demo are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An aggressor script that tracks operational changes made during a red team engagement. Gives you a full audit trail of what was changed a…☆27May 21, 2026Updated last month
- A windows kernel driver to Block symbolic link exploit used for privilege escalation.☆15Jul 30, 2020Updated 5 years ago
- Dump LSASS via physical memory read primitives in vulnerable kernel drivers☆35Feb 25, 2026Updated 4 months ago
- COM Windows Persistence Technique☆89Apr 27, 2026Updated 2 months ago
- Nim implementation for sud0Ru's Credential Dumping from SAM/SECURITY Hives Method (a.k.a. SilentHarvest)☆107Apr 4, 2026Updated 3 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Community Eventing and Scripting examples☆19Aug 11, 2025Updated 11 months ago
- My studies on Malware Development☆20Jul 6, 2026Updated last week
- A PoC Cobalt Strike UDRL written in Rust☆31Jun 20, 2026Updated 3 weeks ago
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆85Jan 26, 2026Updated 5 months ago
- Stealthy .NET assembly loading using AssemblyNative::LoadFromBuffer☆58Mar 22, 2026Updated 3 months ago
- ☆12Jan 10, 2025Updated last year
- A little tool to play with Windows security☆158Apr 10, 2026Updated 3 months ago
- A stealthy loader for shellcode staged with http/https like Sliver☆54Updated this week
- Aether is a Windows memory-forensics and threat hunting tool that scans live process memory for malicious pattern, detect injection techn…☆52Jul 5, 2026Updated last week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Encrypted command‑and‑control (C2) research framework for cybersecurity education, red team labs, and secure client‑server communication …☆31Mar 15, 2026Updated 4 months ago
- Python tool to automatically perform SPN-less RBCD attacks.☆132Jan 7, 2026Updated 6 months ago
- ☆17Feb 14, 2025Updated last year
- DSCourier is a proof-of-concept that uses the WinGet Configuration COM API to apply DSC configurations through Microsoft-signed binaries.☆210Jun 25, 2026Updated 3 weeks ago
- Cobalt Strike automation scripts collection☆12Oct 28, 2020Updated 5 years ago
- Staged DLL injection proof-of-concept built in C using Win32 APIs — developed in an isolated lab environment for red team certification s…☆40Jun 4, 2026Updated last month
- A C# tool for extracting information from SCCM PXE boot media.☆57May 21, 2026Updated last month
- PowerShell module for mapping byte offsets to source context and locating AMSI or Microsoft Defender detection boundaries in text and bin…☆35Updated this week
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 8 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Modify machine code in binaries with alternative x64 assembly opcodes for AV evasion☆225Jul 7, 2026Updated last week
- A tool for exploiting Kerberos tickets against system with Credential Guard enabled.☆15Sep 2, 2025Updated 10 months ago
- RxRPC privesc PoC without fcrypt() restrictions☆23May 9, 2026Updated 2 months ago
- Azure RedOps is a offensive security toolkit for assessing the security posture of Microsoft Entra ID☆176Updated this week
- The PoC for CVE-2025-70795 / CVE-2026-0828 and updated driver☆49Mar 13, 2026Updated 4 months ago
- Phantom is project created to perform loading and executing unmanaged code in memory within an IIS environment running in full‑trust mode…☆107Jun 5, 2026Updated last month
- PoC framework for Sliver compilation☆22Jan 14, 2025Updated last year
- Automatically deploying Mythic C2 in Azure using Terraform☆20Jul 3, 2026Updated last week
- Aliasr is a modern, feature-rich TUI launcher for pentest commands.☆114Apr 23, 2026Updated 2 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Create local administrators with the SAMR API (lowest-level technique). Implemented in C#, Crystal, Python and Rust☆89Mar 7, 2026Updated 4 months ago
- Run PowerShell command without invoking powershell.exe☆27Apr 9, 2026Updated 3 months ago
- PPLReaper is a Windows UNSIGNED kernel driver + userland companion tool designed to inspect and manipulate Protected Process Light (PPL) …☆24Mar 4, 2026Updated 4 months ago
- Usermode detector that catches indirect syscalls. Traps Hell's Hall, Tartarus' Gate, RecycledGate, and VEH syscalls & Many more.☆84Jun 15, 2026Updated last month
- Async BOF to capture KeePass master passwords by detecting and keylogging locked database windows.☆46Jun 18, 2026Updated 3 weeks ago
- Smuggling C2 comms through links previews☆18Jun 17, 2026Updated 3 weeks ago
- Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…☆173Jun 19, 2026Updated 3 weeks ago